12/30/2015

Windows: how to block a list of IP addresses with the firewall

Sometimes you need to block a list of IP addresses in a file from connecting to your server or workstation. Here is one way to do that using the Windows firewall and a cmd batch file.

The method is not original; it's described in many places. This version was described in a posting here.

Step 1 - save the following to blockit.bat
@echo off
:: Run from an elevated (Administrator) command prompt; netsh advfirewall needs it.

if "%1"=="list" (
    netsh advfirewall firewall show rule name="Blockit" | findstr RemoteIP
    exit /b
)

:: Read the IPs from the file given as the first argument, defaulting to blockit.txt
set "IPLIST=%~1"
if "%IPLIST%"=="" set "IPLIST=blockit.txt"

:: Delete the existing block rules (every rule named Blockit)
netsh advfirewall firewall delete rule name="Blockit"

:: Block the new IPs: one inbound and one outbound rule per line of the list
for /f "usebackq" %%i in ("%IPLIST%") do (
    netsh advfirewall firewall add rule name="Blockit" protocol=any dir=in action=block remoteip=%%i
    netsh advfirewall firewall add rule name="Blockit" protocol=any dir=out action=block remoteip=%%i
)

:: Call this batch again with "list" to show the blocked IPs
call "%~f0" list

Step 2 - save a list of IP addresses to blockit.txt
5.9.212.53
5.79.85.212
46.38.51.49
46.165.193.67
46.165.222.212

Step 3 - run the batch file
a. [to read] blockit.txt and block the IP addresses in it
c:\> blockit.bat blockit.txt
b. [to list] the IP addresses currently blocked
c:\> blockit.bat list
c. [to unblock] all of the IP addresses that were blocked
c:\> netsh advfirewall firewall delete rule name="Blockit"
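The same three operations (block, list, unblock) can be done with the NetSecurity PowerShell cmdlets instead of netsh. The script below is an added example, not part of the original post: it assumes the same file name (blockit.txt) and rule name (Blockit), must be run from an elevated PowerShell prompt on Windows 8 / Server 2012 or later, and differs from the batch file in two ways a practitioner will care about: it validates each line as an IP address or CIDR range before touching the firewall, and it puts the whole list into one inbound and one outbound rule rather than two rules per address.

```powershell
# Added example (not from the original post): block a list of IPs with the
# NetSecurity cmdlets. File name, rule name and switches are assumptions.
param(
    [string]$ListFile = ".\blockit.txt",
    [string]$RuleName = "Blockit",
    [switch]$List,
    [switch]$Unblock
)

if ($List) {
    # Show the remote addresses carried by the current Blockit rules
    Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue |
        Get-NetFirewallAddressFilter |
        Select-Object -ExpandProperty RemoteAddress
    return
}

# Remove any existing rules with this name (no error if there are none)
Remove-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue
if ($Unblock) { return }

# Read the list, skipping blank lines and '#' comments
$entries = Get-Content $ListFile |
    ForEach-Object { $_.Trim() } |
    Where-Object { $_ -and -not $_.StartsWith('#') }

# Keep only entries whose address part parses as IPv4/IPv6, so a typo in the
# file produces a warning instead of a malformed firewall rule
$valid = foreach ($e in $entries) {
    $addr = ($e -split '/')[0]
    $parsed = $null
    if ([System.Net.IPAddress]::TryParse($addr, [ref]$parsed)) { $e }
    else { Write-Warning "Skipping invalid entry: $e" }
}

if (-not $valid) {
    Write-Warning "No valid addresses in $ListFile; nothing blocked."
    return
}

# One inbound and one outbound rule carrying the whole list
New-NetFirewallRule -DisplayName $RuleName -Direction Inbound  -Action Block -RemoteAddress $valid | Out-Null
New-NetFirewallRule -DisplayName $RuleName -Direction Outbound -Action Block -RemoteAddress $valid | Out-Null

Write-Host "Blocked $(@($valid).Count) address(es) in both directions under rule '$RuleName'."
```

Save it as blockit.ps1 and run `.\blockit.ps1` to apply the list, `.\blockit.ps1 -List` to show what is blocked, and `.\blockit.ps1 -Unblock` to remove the rules. Because -RemoteAddress accepts an array, the rule set stays at two rules however long the list gets, which keeps `Get-NetFirewallRule` output readable and avoids the per-address netsh calls.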