Blocking IP address with netsh filter


The netsh ipsec and netsh firewall contexts are provided for backwards-compatibility with Windows 2000/XP/2003. Both were good for working remotely with older versions of Windows, and for configuring policies for mixed environments. Now that all these versions of Windows are EOL, both these contexts have become deprecated.

For these features in all current versions of Windows, use the netsh advfirewall context instead.

(Even before, you would have used netsh firewall instead of netsh ipsec for blocking an IP address. Secondly, netsh ipsec doesn't have a command add (including add policy), but only static add filter|filter(action|list)|policy|rule and dynamic add (q|m)mpolicy|rule.)

For blocking a single IP (198.51.100.108 from RFC 5737 TEST-NET-2):

netsh advfirewall firewall add rule name="IP Block" ^
   dir=in interface=any action=block remoteip=198.51.100.108/32

You can now see your rule with netsh advfirewall firewall show rule name="IP Block":

Rule Name:                            IP Block
----------------------------------------------------------------------
Enabled:                              Yes
Direction:                            In
Profiles:                             Domain,Private,Public
Grouping:
LocalIP:                              Any
RemoteIP:                             198.51.100.108/32
Protocol:                             Any
Edge traversal:                       No
Action:                               Block
Ok.

And delete it with matching delete rule criteria; in this case name and remoteip are sufficient:

netsh advfirewall firewall delete rule name="IP Block" remoteip=198.51.100.108/32

For detailed information, see Netsh AdvFirewall Firewall Commands or netsh advfirewall ?
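
Added example, not part of the original answer: a PowerShell wrapper around the netsh advfirewall command above that rejects a malformed address (such as the 74.356.69.108 from the question) before calling netsh, and skips the add when a rule of that name already exists. The function name Add-IpBlockRule and the default rule-name format are assumptions made for this example; run it from an elevated prompt.

```powershell
# Added example: validate an IPv4 address, then block it inbound with netsh advfirewall.
# Add-IpBlockRule and the "IP Block <address>" naming are assumptions of this example.
function Add-IpBlockRule {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]$Address,
        [string]$RuleName = "IP Block $Address"
    )

    # TryParse alone accepts shorthand such as "1", so also require IPv4 and
    # that the parsed value round-trips to exactly the string that was given.
    $parsed = $null
    $ok = [System.Net.IPAddress]::TryParse($Address, [ref]$parsed)
    if (-not $ok -or
        $parsed.AddressFamily -ne [System.Net.Sockets.AddressFamily]::InterNetwork -or
        $parsed.ToString() -ne $Address) {
        throw "Not a valid IPv4 address: '$Address'"
    }
    $remote = "$Address/32"

    # netsh returns a non-zero exit code when no rule matches the name.
    # Skipping here keeps reruns from stacking duplicate rules.
    netsh advfirewall firewall show rule name="$RuleName" | Out-Null
    if ($LASTEXITCODE -eq 0) {
        Write-Warning "Rule '$RuleName' already exists; nothing added."
        return
    }

    if ($PSCmdlet.ShouldProcess($remote, 'Block inbound traffic')) {
        netsh advfirewall firewall add rule name="$RuleName" dir=in interface=any action=block remoteip=$remote
        if ($LASTEXITCODE -ne 0) {
            throw "netsh add rule failed with exit code $LASTEXITCODE"
        }
        # Show what was actually stored, as in the answer above.
        netsh advfirewall firewall show rule name="$RuleName"
    }
}

# Preview only (-WhatIf): address from RFC 5737 TEST-NET-2, as used in the answer.
Add-IpBlockRule -Address '198.51.100.108' -WhatIf

# The address from the question is rejected before netsh is ever called.
try { Add-IpBlockRule -Address '74.356.69.108' } catch { Write-Host $_ }
```

Drop -WhatIf to create the rule; the delete command shown above removes it again when given the same name and remoteip.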

Author by

madam mar

Updated on September 18, 2022

Comments

  • madam mar
    madam mar almost 2 years

    I am trying to block an IP address on my machine by doing the following in cmd:

    netsh ipsec add policy name=IPSystem
    netsh ipsec static add filter filterlist=BlackList srcaddr=74.356.69.108 dstaddr=me&&
    

    But it seems the IP address did not get blocked. What am I doing wrong?

    I am using Windows 8.1.

  • madam mar
    madam mar about 7 years
    If I want to delete that rule, should I call delete instead of add?
  • Esa Jokinen
    Esa Jokinen about 7 years
    I find the manual clear enough, and you can get more information on every netsh command with ?, e.g. netsh advfirewall firewall delete rule ?, so the manual comes along. But now it's also in my answer.
  • Esa Jokinen
    Esa Jokinen about 7 years
    Also notice that the 74.356.69.108 you were originally trying to block is not an IP address, because 356 > 255. But netsh is kind; it would have guided you further with an error: A specified IP address or address keyword is not valid.