forked from TRI0N/ip-security
-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathREADME.txt
More file actions
42 lines (23 loc) · 2.24 KB
/
README.txt
File metadata and controls
42 lines (23 loc) · 2.24 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
How to add Block County IP's in Windows Firewall with PowerShell.
Step 1: Create a directory for working with PowerShell and PowerShell Scripts. Example - C:\ip-security
Step 2: Download the PowerShell script Import-Firewall-Blocklist.ps1 from http://www.gregsitservices.com/ip-security/ip-security-package.zip and extract the PowerShell script Import-Firewall-Blocklist.ps1 to your C:\ip-security folder. *If you're reading this file, you most likely already obtained this package in a modified form*
Step 3: Go to https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2 for a reference of which two letter code corresponds with the country that is wanting to be blocked from accessing your Windows instance. For each country, place the two letter code on a separate line inside of "countrycodes.txt" in the root of the project directory
Suggested country codes:
1) CHINA (CN)
2) KOREA, DEMOCRATIC PEOPLE'S REPUBLIC OF (KP)
3) KOREA, REPUBLIC OF (KR)
4) RUSSIAN FEDERATION (RU)
Step 4: Run PowerShell and Administrator (right click PowerShell and select Run As Administrator).
Step 5: Type without quotes "PowerShell.exe -ExecutionPolicy Bypass" - This will set the scripts Policy of PowerShell to run so that it can make the Windows Firewall rules.
Step 6: Begin importing the country zone ranges into your Windows Firewall:
.\Import-Firewall-Blocklist.ps1
Zone files will be downloaded from http://www.ipdeny.com/ipblocks/data/countries and saved into the zones folder.
Step 7: Just for precaution let's now set PowerShell back to Restricted Access on Scripts. Type without quotes "PowerShell.exe -ExecutionPolicy Restricted".
That's it we are done... It is suggested to keep a copy of the country codes file and zones folder.
Below is how you can remove entries:
.\Import-Firewall-Blocklist.ps1 -DeleteOnly
For the protection of the person running the script, it is required to press a key after the zones have been imported. This is important when running the script on remote systems. Failing to press a key assumes that connection to the remote system has been lost, thus changes are rolled back. This protection can be turned off using the -KeypressProtectionOff parameter when running the script.
ENJOY!
Best regards,
Greg (TRI0N) Munson
Brandon Buchanan (willjasen)