Wednesday, November 28, 2018

blocking - How to block all but a specific list of IP addresses on a given port using IPSEC on Windows?

I have a list of IP addresses.


L={x.x.x.x,y.y.y.y,...etc}


I want to block all IP addresses except for the ones in the above list.


How do I do this using IPSEC commands on a Windows machine?


I tried to figure it out from the following Microsoft link, but no luck :-(


@Ramhound


My Goal: Block all IPs on 198.18.84.161:80 except for the IP 198.18.84.162


I tried the following.


1) To block all IPs on port 80.


Steps:


netsh ipsec static add filterlist name=filterlist_198.18.84.161

netsh ipsec static add filter filterlist=filterlist_198.18.84.161 srcaddr=any dstaddr=Me protocol=tcp srcport=0 dstport=80

netsh ipsec static add filteraction name=action_198.18.84.161 action=block

netsh ipsec static add policy name=policy_198.18.84.161 assign=yes

netsh ipsec static add rule name=rule_198.18.84.161 policy=policy_198.18.84.161 filterlist=filterlist_198.18.84.161 filteraction=action_198.18.84.161


Result: It blocked all IPs on port 80


2) To Allow IP 198.18.84.162 on port 80 of the machine 198.18.84.161


Steps:


netsh ipsec static add filterlist name=filterlist_198.18.84.162

netsh ipsec static add filter filterlist=filterlist_198.18.84.162 srcaddr=198.18.84.162 dstaddr=Me protocol=tcp srcport=0 dstport=80

netsh ipsec static add filteraction name=action_198.18.84.162 action=permit

netsh ipsec static add policy name=policy_198.18.84.162 assign=yes

netsh ipsec static add rule name=rule_198.18.84.162 policy=policy_198.18.84.162 filterlist=filterlist_198.18.84.162 filteraction=action_198.18.84.162


Result: This unblocked all IPs on port 80 instead of only unblocking 198.18.84.162
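The two-step procedure above assigns a second IPsec policy, and Windows only keeps one local IPsec policy assigned at a time, so the permit policy replaces the block policy rather than adding to it. The following batch script is an added example (not from the original post) that puts both rules into a single policy; the policy, filter list and filter action names are made up here, and it uses only the netsh ipsec static syntax already shown in the post.

```batch
@echo off
REM Added example, not from the original post. Names such as policy_port80,
REM fl_block_port80 and fa_permit are assumptions; the netsh syntax is the
REM one the post already uses.
REM Only ONE local IPsec policy can be assigned at a time: assigning a second
REM policy unassigns the first, which is why step 2 in the post "unblocked"
REM everything. Both rules must therefore live in the SAME policy.

REM Allow-list from the question (add further addresses separated by spaces).
set ALLOWED=198.18.84.162

REM Remove the policies left over from the earlier attempts (names from the post).
netsh ipsec static delete policy name=policy_198.18.84.161
netsh ipsec static delete policy name=policy_198.18.84.162

REM 1) Block filter: any source -> this host (Me), TCP destination port 80.
netsh ipsec static add filterlist name=fl_block_port80
netsh ipsec static add filter filterlist=fl_block_port80 srcaddr=any dstaddr=Me protocol=tcp srcport=0 dstport=80
netsh ipsec static add filteraction name=fa_block action=block

REM 2) Permit filter list: one filter per allowed source address.
netsh ipsec static add filterlist name=fl_allow_port80
for %%A in (%ALLOWED%) do netsh ipsec static add filter filterlist=fl_allow_port80 srcaddr=%%A dstaddr=Me protocol=tcp srcport=0 dstport=80
netsh ipsec static add filteraction name=fa_permit action=permit

REM 3) ONE policy carrying BOTH rules. When several filters match a packet,
REM the most specific filter wins, so the single-address permit filter takes
REM precedence over the "any" block filter for listed hosts, and the block
REM rule applies to every other source.
netsh ipsec static add policy name=policy_port80 assign=yes
netsh ipsec static add rule name=rule_block_port80 policy=policy_port80 filterlist=fl_block_port80 filteraction=fa_block
netsh ipsec static add rule name=rule_allow_port80 policy=policy_port80 filterlist=fl_allow_port80 filteraction=fa_permit

REM Verify: the policy should show as assigned and list both rules.
netsh ipsec static show policy name=policy_port80 level=verbose
```

After running it, test from 198.18.84.162 and from an unlisted host to confirm that only the listed address can reach port 80; the check for "one assigned policy" is the line to look at whenever a later change seems to undo an earlier one.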
