Solved

Powershell Script Modification

Posted on 2015-02-05
3
154 Views
Last Modified: 2015-02-05
# get ip addresses that are not already in firewall rule.
$w = $g | where {$_.Name.Length -gt 1 -and  !($arRemote -contains $_.Name + '/255.255.255.255')} 

# add IPs to firewall rule
$w| %{$ar.remoteaddresses += ',' + $_.Name} 

Open in new window


I have the above code as part of a scrip that automatically grabs and logs IPs into a Block Rule on a Windows Server.   This script is deployed across multiple servers, but one client is having a problem where their internal IPs are being blocked by some users with drives mapped via VPN.

I've unsuccessfully attempted to add to this, so maybe an Expert can help -- I'd like to tack on an exception to the criteria to skip all IPs on the internal subnet (in this case, 192.168.125.0/24 ).  Any help is appreciated, thanks!
0
Comment
Question by:Uptime Legal Systems
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 40

Assisted Solution

by:footech
footech earned 100 total points
ID: 40591738
Hard to say without knowing what the variables contain.
Try comparing the IP with this regex (I'll just use $ip to represent the IP) in a Where-Object scriptblock.
$ip -notmatch "192\.168\.125\.((25[0-5])|(2[0-4][0-9])|(1[0-9][0-9])|(0?[0-9]?[0-9])|0?0?([0-9]))$"

Open in new window

0
 
LVL 70

Accepted Solution

by:
Qlemo earned 400 total points
ID: 40591870
Since we know the value is an IP, a more simple approach can be used:
# get ip addresses that are not already in firewall rule.
$w = $g | where {$_.Name.Length -gt 1
 -and  !($arRemote -contains $_.Name + '/255.255.255.255')
 -and $_.Name -notlike '192.168.125.*'} 

# add IPs to firewall rule
$w| %{$ar.remoteaddresses += ',' + $_.Name} 

Open in new window

0
 
LVL 6

Author Closing Comment

by:Uptime Legal Systems
ID: 40591892
Ah!  I see what I was doing wrong, thanks for the help I'll be able to use this.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

No single Antivirus application (despite claims by manufacturers) will catch or protect you from all Virus / Malware or Spyware threats. That doesn't stop you from further protecting yourself however - and this article is to show you how.
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question