3

I have a large number of remote IPs to specify in Windows Firewall for a blocking rule. The only way I know to enter them is by laboriously entering them in an inbound rule's properties Scope tab.

Is there a more efficient way such as a command line option or, even better, pointing to a text file containing the IPs/IP masks?

I'm on Windows Server 2008

Emmanuel
  • 135
  • 2
  • 5

3 Answers

5

Assuming the IP addresses are in a text file called "ip.txt", just do:

for /f %i in (ip.txt) do echo netsh advfirewall firewall add rule name="Block %i" dir=in protocol=any action=block remoteip=%i

In a batch file, be sure to change "%i" to "%%i".

Evan Anderson
  • 141,881
  • 20
  • 196
  • 331
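As posted, the loop above prefixes `netsh` with `echo`, so it prints the commands rather than running them, and it creates one rule per address. The following PowerShell script is an added example, not code from any of the answers: it keeps that preview behaviour as the default, validates each line of `ip.txt`, and groups addresses into a few rules using the comma-separated list form of `remoteip`. The `#` comment convention, the `Blocklist` rule prefix, the chunk size of 200 and the IPv4-only check are assumptions made for the example.

```powershell
# Added example (not from the answers). Assumes ip.txt has one IPv4 address or
# CIDR range per line; '#' comment lines, rule prefix and chunk size are assumptions.
param(
    [string]$Path = 'ip.txt',
    [string]$RulePrefix = 'Blocklist',  # hypothetical rule name prefix
    [int]$ChunkSize = 200,              # addresses per rule, an arbitrary choice
    [switch]$Apply                      # without -Apply the commands are only printed
)

function Test-Entry([string]$Entry) {
    # Accept a.b.c.d or a.b.c.d/nn: four valid octets and a prefix length of 0-32.
    $parts = $Entry.Split('/')
    if ($parts.Count -gt 2) { return $false }
    if ($parts[0] -notmatch '^\d{1,3}(\.\d{1,3}){3}$') { return $false }
    $ip = $null
    if (-not [System.Net.IPAddress]::TryParse($parts[0], [ref]$ip)) { return $false }
    if ($parts.Count -eq 2 -and
        ($parts[1] -notmatch '^\d{1,2}$' -or [int]$parts[1] -gt 32)) { return $false }
    return $true
}

# Trim, drop blank and comment lines, and de-duplicate before validating.
$entries = @(Get-Content $Path | ForEach-Object { $_.Trim() } |
    Where-Object { $_ -and $_ -notmatch '^#' } | Sort-Object -Unique)
$valid = @($entries | Where-Object { Test-Entry $_ })
$entries | Where-Object { -not (Test-Entry $_) } |
    ForEach-Object { Write-Warning "Skipping invalid entry: $_" }

$n = 0
for ($i = 0; $i -lt $valid.Count; $i += $ChunkSize) {
    $n++
    $end  = [Math]::Min($i + $ChunkSize, $valid.Count) - 1
    $list = $valid[$i..$end] -join ','          # remoteip takes a comma-separated list
    $name = '{0}-{1:d3}' -f $RulePrefix, $n
    $add  = @('advfirewall', 'firewall', 'add', 'rule', "name=$name",
              'dir=in', 'protocol=any', 'action=block', "remoteip=$list")
    if ($Apply) {
        # Remove any earlier rule of the same name so re-runs do not stack duplicates.
        & netsh advfirewall firewall delete rule "name=$name" | Out-Null
        & netsh $add
    } else {
        'netsh ' + ($add -join ' ')
    }
}
```

Run it once without `-Apply` to review the generated commands and any skipped entries, then again from an elevated prompt with `-Apply`.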
1

Use the RunSynchronous command to add, to modify, or to delete Windows Firewall rules.

You can also use an Unattend.xml with the Networking-MPSSVC-Svc component.

More information on TechNet here.

Fergus
  • 1,313
  • 9
  • 19
1

You should be able to use the netsh command to add/remove firewall rules via the command line. You can also use a batch for loop to pull the IP addresses from a file.

Dan
  • 1,278
  • 18
  • 27