python获取目录下所有exe并导出火绒禁网规则json文件
使用python获取指定目录下所有exe文件,并生成火绒可导入的json文件,将之导入火绒安全设置--系统防护--联网控制中,从而实现应用禁网
点击查看代码
from pathlib import Path
import json
# 找出路径下所有exe
def find_all_exe(dirs):
files = []
# 过滤规则
filter_rulers = ["*.exe","*.dll"]
for filter in filter_rulers:
for dir_cur in dirs:
p = Path(dir_cur).rglob(filter)
for i in p:
# print(i)
# 获取地址字符串
file_path = str(i)
# 地址转义
new_file = "\\".join(file_path.split("\\"))
files.append(new_file)
return files
# 将字典格式化为火绒导入规则json文件
def format_data_to_huorong(data_lst):
res_dict = {
"ver":
"5.0",
"tag":
"appnetctrl",
"data": []
}
for path in data_lst:
cur_dict = {"procname": path, "block": True}
res_dict["data"].append(cur_dict)
return res_dict
# 获取今天的日期
def get_today_date():
import datetime
today = datetime.date.today()
return today.strftime("%Y-%m-%d")
# 获取时间戳后四位
def get_time_stamp():
import time
return str(int(time.time()))[-4:]
# 将字典写入到文件
def dict_to_json_write_file(dict):
file_name = f'火绒规则生成-{get_today_date()}-{get_time_stamp()}.json'
print(file_name)
with open(file_name, 'w', encoding="utf-8") as f:
json.dump(dict, f, indent=2)
f.write("\r\n")
if __name__ == '__main__':
print("begin")
mdirs = [
r"C:\Program Files (x86)",
]
all_files = find_all_exe(mdirs)
huorong_dict = format_data_to_huorong(all_files)
dict_to_json_write_file(huorong_dict)
print("done")
新源码
更新自2026年2月12日
点击查看代码
from pathlib import Path
import json
import time
# 所有可能具备联网能力的文件扩展名(可根据需要调整)
NETWORK_CAPABLE_EXTENSIONS = [
"*.exe",
"*.dll",
"*.bat", "*.cmd",
"*.ps1",
"*.vbs", "*.js", "*.jse",
"*.scr",
"*.msi",
]
def find_network_capable_files(dirs, extensions):
files_set = set()
for ext in extensions:
for dir_path in dirs:
try:
for file in Path(dir_path).rglob(ext):
abs_path = str(file.resolve())
files_set.add(abs_path)
except (OSError, PermissionError) as e:
print(f"跳过无法访问的目录: {dir_path} | 错误: {e}")
return sorted(files_set)
def format_data_to_huorong_v6(file_paths, block=True):
"""生成火绒 6.0 版本 appnetctrl 规则"""
current_time = int(time.time()) # 获取当前 Unix 时间戳(秒)
return {
"ver": "6.0",
"tag": "appnetctrl",
"data": [
{
"procname": path,
"block": block, # true=禁止联网,false=允许联网
"time": current_time
}
for path in file_paths
]
}
def get_today_date():
from datetime import date
return date.today().strftime("%Y-%m-%d")
def write_json_file(data_dict, suffix=""):
timestamp_tail = str(int(time.time()))[-4:]
filename = f'火绒规则-v6-{get_today_date()}-{timestamp_tail}{suffix}.json'
with open(filename, 'w', encoding='utf-8') as f:
json.dump(data_dict, f, ensure_ascii=False, indent=2)
f.write("\n")
print(f"✅ 已生成规则文件: {filename}")
return filename
def split_and_write_rules(file_paths, batch_size=100, block=True):
"""分批写入,避免超过火绒单次导入上限(约100条)"""
total = len(file_paths)
if total == 0:
print("⚠️ 无文件可生成规则。")
return
for i in range(0, total, batch_size):
batch = file_paths[i:i + batch_size]
data = format_data_to_huorong_v6(batch, block=block)
suffix = f"_part{i//batch_size + 1}"
write_json_file(data, suffix=suffix)
if __name__ == '__main__':
print("开始扫描可能联网的文件...")
target_dirs = [
# r"C:\Program Files (x86)",
r"C:\Program Files\",
# 可按需添加其他目录
]
all_files = find_network_capable_files(target_dirs, NETWORK_CAPABLE_EXTENSIONS)
print(f"共找到 {len(all_files)} 个匹配文件。")
if not all_files:
print("未找到任何文件,请检查路径和权限。")
else:
# 分批生成,每批100条,全部设置为 block=true(禁止联网)
split_and_write_rules(all_files, batch_size=100*100, block=True)
print("完成!请在火绒中逐个导入生成的 JSON 文件。")
导入规则以后,记得要打开防护中心的开关,才能启用规则
浙公网安备 33010602011771号