AlexPiko
asked on
Need a IP-block/unblock Function for Windows2003
Hello Experts,
i have a Windows2003 Server, i need to block and unblock a specific IP by my program. (Simply to block all connection attempts from one IP).
What api's are recommended, what SDK do i need?
A brief description and a example of a function call would be appreciated.
When using a ISA firewall, does a commandlinke tool exist like ip-chains ip-tables on linux?
thanks
Alex P.
i have a Windows2003 Server, i need to block and unblock a specific IP by my program. (Simply to block all connection attempts from one IP).
What api's are recommended, what SDK do i need?
A brief description and a example of a function call would be appreciated.
When using a ISA firewall, does a commandlinke tool exist like ip-chains ip-tables on linux?
thanks
Alex P.
ASKER
Thankfs for your comment bbao,
very Interesting thing. I didnt thought about routing.
How could this be done? -> BLOCK ALL IP's initially, unblock a few IP's on demand.
very Interesting thing. I didnt thought about routing.
How could this be done? -> BLOCK ALL IP's initially, unblock a few IP's on demand.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
this is a very simple solution.
A good point to start.
thanks
Alex
A good point to start.
thanks
Alex
simple does not mean weak. right? :) thanks for you grade. enjoy, bbao
you can certainly do that with any program called Firewall, either ISA or other 3rd-parties, either free or commercial. but it sounds not necessary to use them only for such a blocking function you need, except you dont care your money or computer performance.
ok. actually, you can block ONE IP with the following single command:
ROUTE ADD 1.2.3.4 mask 255.255.255.255 192.168.0.253
where 1.2.3.4 is the IP you want to block, 192.168.0.253 is a non-existing IP on your local subnet assuming it is 192.168.0.x.
this command will cause you system to reply any request from the specific IP to a null address, which is actually blocking the communication between your host and that IP, beause the remote IP to be blocked will never receive the returning packet.
hope it helps,
bbao