Editing firewall rules: adding IP addresses to a firewall rule
I found out how to use "netsh advfirewall firewall set rule name="name" new remoteip=1.1.1.1" for setting an IP address in a rule.
But how can I add an IP to the rule? In this case I would replace the IP addresses and not add one.

Background is that I have a firewall rule on my FTP server to block several IP ranges due to normal brute force attacks. This works, but I plan to write a program to do this automatically. So I need to append to the list.

Any hints?
July 30th, 2009 11:57am

Hello,

Thanks for your post.

To replace the remote IP address in a firewall rule, you may run the following command:

netsh advfirewall firewall set rule name=<rule_name> new remoteip=<new IP>

Using the Netsh Advfirewall Command-Line Tool

http://technet.microsoft.com/en-us/library/cc770887(WS.10).aspx

If you have any questions or concerns, please do not hesitate to let me know.

July 31st, 2009 10:14am

Hello,

Thank you for the answer. As I wrote above, I found the command option. But how can I add an IP address without overwriting the existing ones?
July 31st, 2009 10:29am

Hello,

Thanks for the update.

From my research, it seems that there is no way to add additional IP addresses to an existing rule via netsh command.

I will report this issue to the product group to check whether there is any workaround to achieve that. Thanks for your report.

August 3rd, 2009 10:15am

Thank you for the reply.

Meanwhile I found a way which is OK for me.

Background:
I have a public FTP server to which I want to limit access to my country only, because this would be enough. The advantage of doing this is that I can avoid brute-force attacks from other countries (mostly from Asia).

I wrote a text file with the information which is needed for netsh. Here I can modify the text.
In this script I looked up the provider addresses from ripe.net.

pushd advfirewall
set store gpo=<policy>
popd

pushd advfirewall firewall
set rule name="FTP (eingehend)" new remoteip=194.25.0.0/16,193.158.0.0/16,193.159.0.0/16,195.145.0.0/16,62.156.0.0/16,195.243.0.0/16,62.157.0.0/16,212.184.0.0/16,212.185.0.0/16,62.158.0.0/16,62.159.0.0/16,62.155.0.0/16,62.154.0.0/16,62.153.0.0/16,62.224.0.0/16,62.225.0.0/16,62.226.0.0/15,217.0.0.0/13,217.80.0.0/12,217.224.0.0/11,80.128.0.0/11,81.28.64.0/20,84.128.0.0/10,87.128.0.0/11,87.160.0.0/11,91.0.0.0/10,79.192.0.0/10,93.192.0.0/10,160.44.0.0/16,164.16.0.0/12,164.32.0.0/15,164.34.0.0/16,195.50.128.0/19,195.50.160.0/19,212.144.0.0/16,145.253.0.0/16,145.254.0.0/16,213.23.0.0/17,213.23.128.0/17,82.82.0.0/15,84.56.0.0/13,88.64.0.0/12,92.72.0.0/13,94.216.0.0/13,188.96.0.0/12,212.59.32.0/19,81.14.128.0/17,89.182.0.0/15,89.182.0.0/15,89.14.0.0/15,77.176.0.0/12,93.128.0.0/13,95.112.0.0/12,151.189.128.0/17,151.189.64.0/18,151.189.0.0/18,80.226.0.0/16,90.186.0.0/15,77.24.0.0/15,193.254.128.0/19,193.254.160.0/20,80.187.0.0/16,88.128.0.0/16,212.23.96.0/19,92.116.0.0/15,188.46.0.0/16,193.100.0.0/15,193.96.0.0/14,193.102.0.0/16,193.103.0.0/16,194.115.0.0/16,194.139.0.0/16,194.172.0.0-194.175.255.255,193.155.0.0/16,195.124.0.0-195.127.255.255,213.68.0.0/16,213.69.0.0/16,213.70.0.0/15,195.90.0.0/19,195.158.160.0/19,212.202.0.0/16,213.160.0.0/19,213.148.128.0/19,217.146.0.0/16,212.60.192.0/18,83.236.0.0/16,84.245.128.0/18,87.193.0.0/16,87.234.0.0/16,92.192.0.0/11,83.169.128.0/18,88.134.0.0/16,91.64.0.0/14,77.20.0.0/14,95.88.0.0/14,188.192.0.0/14,195.80.192.0/19,195.32.128.0/17,212.63.32.0/19,212.5.0.0/19,212.4.160.0/19,212.84.192.0/18,212.110.192.0/19,212.105.192.0/19,194.140.96.0/19,62.145.0.0/19,212.99.128.0/18,212.99.192.0/19,62.206.0.0/16,62.8.128.0/17,217.78.160.0/20,213.217.64.0/18,82.113.96.0/19,89.204.128.0/19,194.97.0.0/16,62.104.0.0/16,195.20.224.0/19,212.227.0.0/16,213.165.64.0/19,217.72.192.0/20,217.160.0.0/16,2.165.0.0/16,87.106.0.0/16,93.122.0.0/17,193.254.128.0/19,193.254.160.0/20,80.187.0.0/16,88.128.0.0/16,172.16.0.0/16

August 3rd, 2009 1:45pm

Hello,

Thanks for sharing your solution.

I'm glad to hear that things are working correctly. I am sure that other community members will benefit from your workaround. Please do not hesitate to post in Technet Forum if you need any assistance in the future.

August 4th, 2009 10:13am

I've forgotten to mention that I need to go this way because using the normal command line it won't be possible to
1. change the store (set store =) because it's for the instance only
2. add so many IP addresses because the command line would be too long (even using a batch script). The system is cutting off the addresses after a certain length.

So you need to run <netsh exec "netsh-script"> to run the previously created netsh script.
August 4th, 2009 11:02am

Hey Markus,

I've tried your solution many times and can't get past the size limit of the command line. It goes about 1000 characters, then I get the error: "The following command was not found: 113.208.113.21,113.208.113.22,........

Any ideas?

June 22nd, 2010 6:48pm

JimmyVP,

I believe Markus is passing his entire script to netsh via the -f option which reads from a file instead of the command line:

netsh -f ScriptFile

July 10th, 2010 9:03am

Sorry, I have forgotten to answer your post, Jimmy.

This is correct. I used -f. I thought I made this clear in my post.

July 10th, 2010 10:05am

Protect your server with Windows Firewall to block Semalt, fraud countries, hackers, spam and more...
I have a Windows server with several webshops and it is focused on the European and US/Canadian market.
Every day my server is attacked by hackers and spammers, mostly from fraud countries.
Now you can easily protect your Windows server against this with a very simple script.
You can block a country and/or countries/continents with it.
Most fraud countries are on the list and you can add more or remove them.
You can use this script for Windows 7, 8 and 8.1 systems.
Download the RAR file (protect_your_server.rar) from:
http://stackoverflow.com/questions/29865928/windows-firewall-to-block-semalt-fraud-countries-spam-and-more
Please also post your comments and/or new ideas here.
I hope that I can make a lot of people happy with this script! :-)
April 25th, 2015 4:19pm
