采用IPSec策略编程实现屏蔽IP功能
80 + ipAddrDetail[0] 81 + " dstport=" 82 + ipAddrDetail[1] 83 +" protocol=TCP").waitFor(); 84 85 // me -> [IP]:[port] UDP 86 Runtime.getRuntime().exec( 87 "netsh ipsec static add filter filterlist=" 88 + FILTER_LIST_NAME 89 + " srcaddr=me dstaddr=" 90 + ipAddrDetail[0] 91 + " dstport=" 92 + ipAddrDetail[1] 93 +" protocol=UDP").waitFor(); 94 95 // [IP]:[port] -> me TCP 96 Runtime.getRuntime().exec( 97 "netsh ipsec static add filter filterlist=" 98 + FILTER_LIST_NAME 99 + " srcaddr="100 + ipAddrDetail[0]101 +" dstaddr=me srcport="102 + ipAddrDetail[1]103 + " protocol=TCP").waitFor();104 105 // [IP]:[port] -> me UDP106 Runtime.getRuntime().exec(107 "netsh ipsec static add filter filterlist="108 + FILTER_LIST_NAME109 + " srcaddr="110 + ipAddrDetail[0]111 +" dstaddr=me srcport="112 + ipAddrDetail[1]113 + " protocol=TCP").waitFor();114 115 System.out.println("已过滤" + ipAddr);116 } else if(ip_pattern.matcher(ipAddr).matches()) {117 // 保留其中一个即可，也可以全写118 // me -> [IP]119 Runtime.getRuntime().exec(120 "netsh ipsec static add filter filterlist="121 + FILTER_LIST_NAME122 + " srcaddr=me dstaddr="123 + ipAddr124 + " protocol=ANY").waitFor();125 126 // [IP] -> me127 Runtime.getRuntime().exec(128 "netsh ipsec static add filter filterlist="129 + FILTER_LIST_NAME130 + " srcaddr="131 + ipAddr 132 +" dstaddr=me protocol=ANY").waitFor();133 System.out.println("已过滤" + ipAddr);134 } else {135 System.out.println(ipAddr + "不是合法的格式");136 }137 }138 } catch (Exception e) {139 e.printStackTrace();140 } finally {141 if (br != null) {142 br.close();143 br = null;144 }145 }146 System.out.println("done!");147 } else if (args[0].equals("-a")) {148 if (ip_pattern.matcher(args[1]).matches()) {149 // me -> [IP]150 Runtime.getRuntime().exec(151 "netsh ipsec static add filter filterlist="152 + FILTER_LIST_NAME + " srcaddr=me dstaddr="153 + args[1]154 + " protocol=ANY").waitFor();155 156 // [IP] -> me157 Runtime.getRuntime().exec(158 "netsh ipsec static add filter filterlist="159 + FILTER_LIST_NAME + " srcaddr="160 + args[1]161 +" dstaddr=me protocol=ANY").waitFor();162 163 System.out.println("已过滤" + args[1]);164 } else if(ip_port_pattern.matcher(args[1]).matches()) {165 String ipAddrDetail[] = args[1].split(":");166 167 // me -> [IP]:[port] TCP168 Runtime.getRuntime().exec(169 "netsh ipsec static add filter filterlist="170 + FILTER_LIST_NAME 171 + " srcaddr=me dstaddr="172 + ipAddrDetail[0]173 + " dstport="174 + ipAddrDetail[1]175 + " protocol=TCP").waitFor();176 177 // me -> [IP]:[port] UDP178 Runtime.getRuntime().exec(179 "netsh ipsec static add filter filterlist="180 + FILTER_LIST_NAME 181 + " srcaddr=me dstaddr="182 + ipAddrDetail[0]183 + " dstport="184 + ipAddrDetail[1]185 + " protocol=UDP").waitFor();186 187 // [IP]:[port] -> me UDP188 Runtime.getRuntime().exec(189 "netsh ipsec static add filter filterlist="190 + FILTER_LIST_NAME 191 + " srcaddr="192 + ipAddrDetail[0]193 +" dstaddr=me"194 + " srcport="195 + ipAddrDetail[1]196 + " protocol=UDP").waitFor();197 198 // [IP]:[port] -> me TCP199 Runtime.getRuntime().exec(200 "netsh ipsec static add filter filterlist="201 + FILTER_LIST_NAME 202 + " srcaddr="203 + ipAddrDetail[0]204 +" dstaddr=me"205 + " srcport="206 + ipAddrDetail[1]207 + " protocol=TCP").waitFor();208 209 System.out.println("已过滤" + args[1]);210 } else {211 System.out.println(args[1] + "不是合法的格式");212 }213 } else {214 printUsage();215 }216 217 }218 219 static void printUsage() {220 System.out.println("Usage:IPFilter type [filename|IPAddr]");221 System.out.println("type: [-f | -a]");222 System.out.println(" -f filename");223 System.out.println(" -a IPAddr");224 }225 226 }

编译完成后，可以执行查看运行结果：

1. 屏蔽117.30.180.209:19122，执行以下命令：

?

2. 屏蔽屏蔽117.30.180.209，执行以下命令：

?

3. 屏蔽ip.txt中地址信息，执行以下命令：