Blocking IP address with netsh filter
The netsh ipsec and netsh firewall contexts are provided for backwards-compatibility with Windows 2000/XP/2003. Both were good for working remotely with older versions of Windows, and for configuring policies for mixed environments. Now that all these versions of Windows are EOL, both these contexts have become deprecated.
For these features in all current versions of Windows, use the netsh advfirewall context instead.
(Even before, you would have used netsh firewall instead of netsh ipsec for blocking an IP address. Secondly, netsh ipsec doesn't have command add (including add policy), but only static add filter|filter(action|list)|policy|rule and dynamic add (q|m)mpolicy|rule.)
For blocking a single IP (198.51.100.108 from RFC 5737 TEST-NET-2):
netsh advfirewall firewall add rule name="IP Block" ^
dir=in interface=any action=block remoteip=198.51.100.108/32
You can now see your rule with netsh advfirewall firewall show rule name="IP Block":
Rule Name: IP Block
----------------------------------------------------------------------
Enabled: Yes
Direction: In
Profiles: Domain,Private,Public
Grouping:
LocalIP: Any
RemoteIP: 198.51.100.108/32
Protocol: Any
Edge traversal: No
Action: Block
Ok.
And delete it with a matching delete rule criteria; in this case name and remoteip are sufficient:
netsh advfirewall firewall delete rule name="IP Block" remoteip=198.51.100.108/32
For detailed information, see Netsh AdvFirewall Firewall Commands or netsh advfirewall ?
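The add, show and delete steps above, wrapped with an address check, as an added example that is not part of the original answer. The function names and the sample list are assumptions made for illustration, and the script assumes an elevated PowerShell prompt.

```powershell
# Added example (not from the original answer). Function names are hypothetical.
function Test-IPv4Address {
    # Strict dotted-quad check: exactly four decimal octets, each 0-255.
    param([Parameter(Mandatory)][string]$Address)
    $octets = $Address -split '\.'
    if ($octets.Count -ne 4) { return $false }
    foreach ($octet in $octets) {
        if ($octet -notmatch '^[0-9]{1,3}$' -or [int]$octet -gt 255) { return $false }
    }
    return $true
}

function Add-IPBlockRule {
    # Adds the same inbound block rule as the answer, one /32 per rule.
    param([Parameter(Mandatory)][string]$RemoteIP, [string]$RuleName = 'IP Block')
    if (-not (Test-IPv4Address $RemoteIP)) {
        Write-Warning "Skipping '$RemoteIP': not a valid IPv4 address"
        return $false
    }
    & netsh advfirewall firewall add rule "name=$RuleName" dir=in interface=any `
        action=block "remoteip=$RemoteIP/32" | Out-Null
    if ($LASTEXITCODE -ne 0) {
        Write-Warning "netsh exited with code $LASTEXITCODE for '$RemoteIP'"
        return $false
    }
    return $true
}

function Remove-IPBlockRule {
    # Rules may share a name, so delete by name AND remoteip to hit only one.
    param([Parameter(Mandatory)][string]$RemoteIP, [string]$RuleName = 'IP Block')
    if (-not (Test-IPv4Address $RemoteIP)) { return $false }
    & netsh advfirewall firewall delete rule "name=$RuleName" "remoteip=$RemoteIP/32" | Out-Null
    return ($LASTEXITCODE -eq 0)
}

# Constructed sample input: the TEST-NET-2 address from the answer and the
# invalid address from the question (356 > 255), which is skipped.
$addresses = '198.51.100.108', '74.356.69.108'
foreach ($ip in $addresses) {
    if (Add-IPBlockRule -RemoteIP $ip) {
        & netsh advfirewall firewall show rule 'name=IP Block'
    }
}
# Clean up the test rule again:
# Remove-IPBlockRule -RemoteIP '198.51.100.108'
```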
madam mar
Updated on September 18, 2022
Comments
-
madam mar almost 2 years
I am trying to block an IP address on my machine by doing the following in cmd:
netsh ipsec add policy name=IPSystem netsh ipsec static add filter filterlist=BlackList srcaddr=74.356.69.108 dstaddr=me&&
But it seems the IP address did not get blocked. What am I doing wrong?
I am using Windows 8.1.
-
madam mar about 7 years
If I want to delete that rule, should I call delete instead of add?
-
Esa Jokinen about 7 years
I find the manual clear enough, and you can get more information on every netsh command with ?, e.g. netsh advfirewall firewall delete rule ?, so the manual comes along. But now it's also in my answer.
-
Esa Jokinen about 7 years
Also notice that the 74.356.69.108 you were originally trying to block is not an IP address, because 356 > 255. But netsh is kind; it would have guided you further with an error: A specified IP address or address keyword is not valid.