How to block IP ranges in Windows Firewall
If you are using Windows and have not installed a "complete" security suite for the operating system, you are likely using Windows Firewall to protect the operating system.
While there are standalone firewall applications as well, or hardware firewalls, it is likely that most users make use of the built-in firewall of the operating system.
Configuration of the firewall is not as straightforward as it can be, considering that you first need to find out how to open it, and then work your way through the menus that it makes available.
The guide that you are reading looks at one advanced configuration option: how to block IP ranges in the Windows Firewall. This is a list of IP addresses that you combine in a single expression, for instance 126.96.36.199 - 188.8.131.52 which covers all IP addresses in that range. Note: the screenshot below shows a different rule.
How to load the firewall controls
The easiest way to load the firewall controls is the following:
- Use Windows-R to bring up the run box of the operating system.
- Type WF.msc and hit the enter key.
Block IP ranges
Note: The following guide uses the built-in firewall of Windows 7. If you are using a different Windows operating system, the way may be different.
- Click on Inbound Rules on the Windows Firewall with Advanced Security window.
- Select New Rule under Inbound Rules on the right.
- Select Custom rule on the next screen and click on next.
- Leave everything as is on the screen that comes up and click next (all programs selected).
- Leave everything as is on the ports and protocols screen and click next.
- Select "These IP addresses" under "Which remote IP addresses does this rule apply to",click add, and enter the scope in the following format: 184.108.40.206/16. This works with IPv4 and IPv6 addresses. You can alternatively use the IP address range option below instead. Note: The range 220.127.116.11/16 applies to addresses starting with the first two numbers (206.111...).
- Click ok, the IP range should now be listed under these IP addresses. Click next.
- Select block the connection on the next screen. This blocks those IP addresses so that connections cannot be established anymore.
- Leave everything as is on the next screen and click next.
- Name the new rule and add a description to it if you want.
- The new rule appears in the inbound rules list now.
Edit or Remove the rule
You can edit or remove the rule at any time. To edit it, double-click on it in the firewall controls and use the tabs to make modifications to the rule set.
To delete it, simply select it and hit the delete key on your keyboard afterwards. All you need to do then is confirm the prompt and the rule gets removed from the system again.Advertisement