Windows – Configuring many block IPs in Windows Firewall

firewallwindowswindows-firewallwindows-server-2008

I have a large number of remote IPs to specify in Windows Firewall for a blocking rule. The only way I know to enter them is by labouriously entering them an inbound rule's properties Scope tab.

Is there a more efficient way such as a command line option or, even better, pointing to a text file containing the IPs/IP masks?

I'm on Windows Server 2008

Best Answer

Assuming the IP addresses are in a text file called "ip.txt", just do:

for /f %i in (ip.txt) do echo netsh advfirewall firewall add rule name="Block %i" dir=in protocol=any action=block remoteip=%i

In a batch file, be sure to change "%i" to "%%i".

Related Solutions

Windows – Useful Command-line Commands on Windows

A little known one is

getmac

It shows the MAC address(es) of your network adapter(s).

Screenshot of running getmac from a Windows commandline window.

Windows Server 2008 R2 Firewall — Block ICMP except specific IPs

No need to create a rule from scratch. There should be a rule called File and Printer Sharing (ICMPv4). Enable this and lock down to IPs you want.

EDIT: Make sure that you edit the correct version of firewall. I.E. Domain, if you connected to a domain etc.

Best Answer

Related Solutions

Windows – Useful Command-line Commands on Windows

Windows Server 2008 R2 Firewall — Block ICMP except specific IPs

Related Topic