No announcement yet.

Allow only certain IP addresses

  • Filter
  • Time
  • Show
Clear All
new posts

  • Allow only certain IP addresses

    This allows IP through Windows Defender Firewall on port 80

    WF.MSC Advanced firewall
    Inbound Rules, New Rule,Custom Rule
    Protocol type TCP
    Local port, specific port 80

    Which remote IP address does this apply to?
    Block range to
    Block range to
    This would only allow

    Go back to properties and give a name (if needed) and mark Block the connection in the General tab

    But what if I wanted to also allow IP and or a list of others that would change?

    Is there any easy way to do this with multiple IP addresses that are not grouped together?
    Perhaps using PowerShell or NETSH?
    How long is an idea? Write it down.

  • #2
    Hi Mike, take a look at Windows Firewall Control
    I have been using it for some years now and it is a nice tool to use together with Windows Firewall.



    • #3
      Mikael T,

      Checking it out, thank you!
      How long is an idea? Write it down.


      • #4

        Try using the free firewall from ZoneAlarm

        You can set firewall zones for a range of IP addresses to be blocked , trusted and public.
        It is a very capable firewall and you can also whitelist which one of your applications to access the Internet
        and which one can't.
        It will also alert you whenever there is an attempt by an external but banned IP to connect with your computer.


        • #5

          Thank you!

          I quit using it years ago when Steve Gibson stopped trusting it.

          This says he trusts it.

          Link to free version.

          Now I'm looking for where he says he doesn't trust it.
          I'll hold off until I see his current view on it.
          How long is an idea? Write it down.


          • #6

            I had some very bad experiences with ZoneAlarm, but it was great a decade ago.
            I'm still searching on others experience with it.
            Binisoft got bought out by Malwarebytes. It makes using firewall easier, but doesn't make blocking of IP addresses any easier.
            How long is an idea? Write it down.


            • #7
              You answered your own question. Basically there's nothing on a Windows System >= Win7/Win2008 that can't be done with PowerShell. There's also the WMI and (little known) accompanying WMIC path for most things.

              And yes, NETSH is another way of doing it.


              • #8
                That got me going with PowerShell.
                Never knew there was a GUI for it named PowerShell_ise.exe with add-ons and a community.
                I'll be studying instead of just jumping in like I started to do with the code below. I will look for a book.

                The links to what I needed are great. Thank you

                'There is a GUI named PowerSHELL ISE for creating scripts
                'Clicking View Show Command Add-on shows features in right pane
                'Within PowerShell append .\ to script file
                THREADED hFile AS LONG
                 SHELL "C:\Windows\System32\WindowsPowerShell\v1.0\powershell_ise.exe"
                 'LOCAL sScriptName AS STRING
                 'sScriptName = "MyScript.ps1"
                 'CreateScript sScriptName
                 'SHELL "PowerShell .\" + sScriptName
                END FUNCTION
                FUNCTION CreateScript(sScriptName AS STRING) AS LONG
                 hFile = FREEFILE
                 OPEN sScriptName FOR OUTPUT AS hFile
                 IF ERR THEN ? "Can't open " + sScriptName,,FUNCNAME$:EXIT FUNCTION
                 p "Write-Host Testing " + sScriptName
                 p "GET-NetIPInterface"
                 p "pause" 'keep environment active
                 p "New-Object  System.Net.Sockets.TcpClient -ArgumentList " + """Localhost +""" +", '5985'" 'this is wrong, but .net can be used?
                 p "pause"
                 CLOSE hFile
                END FUNCTION
                SUB p(s AS STRING)
                 PRINT# hFile, s
                 IF ERR THEN ? CHR$("Invalid entry",$CRLF,s),,FUNCNAME$
                END SUB
                #IF 0
                How long is an idea? Write it down.