@ehindiayleau
Last active June 3, 2024 23:33
Inject Multiple IP Addresses Into A Single Windows Firewall Rule With A Batch and Text File
@echo off
rem "list" mode: print the RemoteIP field of every rule named multiple_ip_to_fw_rule and exit.
if "%1"=="list" (
netsh advfirewall firewall show rule multiple_ip_to_fw_rule | findstr RemoteIP
exit /b
)
rem Remove any previous rule of that name so the list is replaced rather than appended to.
netsh advfirewall firewall delete rule name="multiple_ip_to_fw_rule"
rem for /f hands over only the first whitespace-delimited token of each line, which is why the
rem text file must hold the whole comma-separated list on one line with no spaces.
for /f %%i in (C:\PATH_TO_TEXT_FILE_WITH_IP_ADDRESSES\multiple_ip_to_fw_rule.txt) do (
netsh advfirewall firewall add rule name="multiple_ip_to_fw_rule" protocol=any dir=in action=block remoteip=%%i
netsh advfirewall firewall add rule name="multiple_ip_to_fw_rule" protocol=any dir=out action=block remoteip=%%i
)
rem Re-run this script in "list" mode to show what the rule now contains.
call %0 list
pause
199.7.91.0/24,192.203.230.0/24,192.112.36.0/24,198.97.192.0/21,198.97.184.0/21,198.97.180.0/22
@ehindiayleau (Author)

The text file containing the IP addresses must be comma-separated addresses in a single line with no spaces in order to be injected into a single rule. Any spaces will cause a new rule with the same name to be created. They can be single IP addresses, ranges, or CIDR format. Windows Firewall has a limit of no more than 1000 addresses per rule, I believe, therefore the IP list will throw a

No rules match the specified criteria.

Press any key to continue . . .

if the limit is exceeded.
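The batch script trusts the text file completely: a stray space, a typo in an address, or a list longer than the firewall accepts only shows up afterwards as the "No rules match the specified criteria." message the author describes. The following PowerShell script is an added example, not part of the gist, that does the same job with the NetSecurity cmdlets (`New-NetFirewallRule`, `Remove-NetFirewallRule`, `Get-NetFirewallAddressFilter`) and checks the list before touching the firewall. The parameter names, the default path, and the IPv4-only pattern are assumptions of this example; the 1000-entry ceiling is simply the figure the author quotes, exposed as a parameter so it can be adjusted. It must run in an elevated session.

```powershell
# Added example (not the gist's own code): validate an IP list, then load it into one
# inbound and one outbound block rule, mirroring the netsh batch script above.
# Assumes the NetSecurity module (Windows 8 / Server 2012 and later) and an elevated shell.
param(
    # Assumed defaults; the gist itself uses a placeholder path.
    [string]$ListPath = 'C:\PATH_TO_TEXT_FILE_WITH_IP_ADDRESSES\multiple_ip_to_fw_rule.txt',
    [string]$RuleName = 'multiple_ip_to_fw_rule',
    # The per-rule address ceiling the gist author quotes; not verified here.
    [int]$MaxAddresses = 1000
)

# Read the file as one string; the list is expected on a single line.
$raw = (Get-Content -Path $ListPath -Raw -ErrorAction Stop).Trim()
$entries = @($raw -split ',')

# Whitespace is exactly what breaks the single-rule behaviour in the batch version,
# so refuse it outright instead of letting netsh create extra rules.
if ($raw -match '\s') {
    throw "List contains whitespace; it must be one comma-separated line with no spaces."
}
if ($entries.Count -gt $MaxAddresses) {
    throw "List has $($entries.Count) entries, more than the $MaxAddresses limit configured."
}

# Accept the three forms the author names: single IPv4 address, CIDR prefix, or a-b range.
# IPv6 is not covered by this pattern (the gist's list is IPv4 only).
$ipv4 = '(?:25[0-5]|2[0-4]\d|1?\d?\d)(?:\.(?:25[0-5]|2[0-4]\d|1?\d?\d)){3}'
$pattern = '^(?:' + $ipv4 + '(?:/(?:[0-9]|[12]\d|3[0-2]))?|' + $ipv4 + '-' + $ipv4 + ')$'
foreach ($e in $entries) {
    if ($e -notmatch $pattern) {
        throw "Invalid entry '$e': expected a single IPv4 address, CIDR prefix, or a-b range."
    }
}

# Replace any previous rule of that name, then create the two block rules. The entire
# list goes into one RemoteAddress array per rule, which is the single-rule outcome the
# batch script achieves with the comma-separated remoteip= argument.
Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue | Remove-NetFirewallRule
New-NetFirewallRule -DisplayName $RuleName -Direction Inbound  -Action Block -RemoteAddress $entries | Out-Null
New-NetFirewallRule -DisplayName $RuleName -Direction Outbound -Action Block -RemoteAddress $entries | Out-Null

# Equivalent of the batch script's "list" mode: show the addresses the rules actually hold.
Get-NetFirewallRule -DisplayName $RuleName |
    Get-NetFirewallAddressFilter |
    Select-Object -ExpandProperty RemoteAddress
```

Run it as `.\Set-BlockList.ps1 -ListPath C:\lists\multiple_ip_to_fw_rule.txt` (the script name is whatever you save it as). Because the validation runs before `Remove-NetFirewallRule`, a bad list leaves the existing rule in place rather than deleting it and then failing to recreate it, which is the gap in the batch version's delete-then-add order.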
