Last active
December 7, 2023 23:03
-
-
Save ehindiayleau/507e33e18ea5f15bff250708f2722c43 to your computer and use it in GitHub Desktop.
Inject Multiple IP Addresses Into A Single Windows Firewall Rule With A Batch and Text File
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @echo off | |
| if "%1"=="list" ( | |
| netsh advfirewall firewall show rule multiple_ip_to_fw_rule | findstr RemoteIP | |
| exit/b | |
| ) | |
| netsh advfirewall firewall delete rule name="multiple_ip_to_fw_rule" | |
| for /f %%i in (C:\PATH_TO_TEXT_FILE_WITH_IP_ADDRESSES\multiple_ip_to_fw_rule.txt) do ( | |
| netsh advfirewall firewall add rule name="multiple_ip_to_fw_rule" protocol=any dir=in action=block remoteip=%%i | |
| netsh advfirewall firewall add rule name="multiple_ip_to_fw_rule" protocol=any dir=out action=block remoteip=%%i | |
| ) | |
| call %0 list | |
| pause |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 199.7.91.0/24,192.203.230.0/24,192.112.36.0/24,198.97.192.0/21,198.97.184.0/21,198.97.180.0/22 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The text file containing the IP addresses must be comma separated addresses in a single line with no spaces in order to be injected into a single rule. Any spaces will cause a new rule with the same name to be created. Can be single IP addresses, ranges, or CIDR format. Windows firewall has a limit of no more than 1000 addresses per a rule I believe, therefore the IP list will throw a;
if the limit is succeeded.