We have a lot of machines, and it can be a pretty big pain in the ass when a customer on one of them requests that we block some IPs. We run Game Servers, so generally IPs that need to be blocked can be any IP, any port, etc.
I would like to write a little application to simplify adding IP Bans in Server 2008. Is there any good way to do this, whether it be through IPSec or Windows Firewall? Some machines have the Firewall off, so IPSec would be preferred, but either is fine.
Thank you very much for the links. I was able to get this going using the following code. You will still need to obtain a FWManager object to use.
    // Requires a COM reference to NetFwTypeLib (FirewallAPI.dll) and "using NetFwTypeLib;".
    private void btnBlock_Click(object sender, EventArgs e)
    {
        // Save the input before clearing the text box.
        String IP = txtAddress.Text;
        txtAddress.Clear();
        if (IsAddressValid(IP))
        {
            INetFwRule2 firewallRule = (INetFwRule2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FWRule"));
            // Use the saved value: txtAddress was cleared above, so txtAddress.Text is now empty.
            firewallRule.Name = "BrutalNT: IP Access Block " + IP;
            firewallRule.Description = "Block Incoming Connections from IP Address.";
            firewallRule.Action = NET_FW_ACTION_.NET_FW_ACTION_BLOCK;
            firewallRule.Direction = NET_FW_RULE_DIRECTION_.NET_FW_RULE_DIR_IN;
            firewallRule.Enabled = true;
            firewallRule.InterfaceTypes = "All";
            firewallRule.RemoteAddresses = IP;
            // Add the rule to the local Windows Firewall policy.
            INetFwPolicy2 firewallPolicy = (INetFwPolicy2)Activator.CreateInstance(Type.GetTypeFromProgID("HNetCfg.FwPolicy2"));
            firewallPolicy.Rules.Add(firewallRule);
            String msg = "IP Address \"" + IP + "\" Blocked Successfully!";
            MessageBox.Show(msg, "Success", MessageBoxButtons.OK, MessageBoxIcon.Information);
        }
        else
        {
            String msg = "IP Address \"" + IP + "\" was Invalid!";
            MessageBox.Show(msg, "Failed", MessageBoxButtons.OK, MessageBoxIcon.Information);
        }
    }
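
The post does not show `IsAddressValid`, so here is one way to write that check, as an added example that is not the poster's code. `RemoteAddresses` also accepts `*`, keywords such as `LocalSubnet`, comma-separated lists, ranges and subnets, so this version lets through only a single literal address. The names `BanInput`, `TryNormalize` and `NeverBlock` and the address `203.0.113.10` are assumptions made for the illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Net;
using System.Net.Sockets;

// Hypothetical stand-in for the IsAddressValid helper used in the post.
public static class BanInput
{
    // Constructed sample value: hosts that must never be banned (e.g. an admin workstation).
    private static readonly HashSet<IPAddress> NeverBlock = new HashSet<IPAddress>
    {
        IPAddress.Parse("203.0.113.10")
    };

    // Returns true and a canonical single-address string suitable for the rule's
    // Name and RemoteAddresses; returns false for everything else.
    public static bool TryNormalize(string input, out string canonical)
    {
        canonical = null;
        if (string.IsNullOrWhiteSpace(input)) return false;
        string text = input.Trim();

        // Allow only the characters of one literal address. This rejects "*", keywords,
        // lists (','), ranges ('-'), subnets ('/') and IPv6 scope ids ('%').
        foreach (char c in text)
        {
            if (!Uri.IsHexDigit(c) && c != '.' && c != ':') return false;
        }

        IPAddress address;
        if (!IPAddress.TryParse(text, out address)) return false;

        if (address.AddressFamily == AddressFamily.InterNetwork)
        {
            // TryParse accepts short or zero-padded IPv4 forms such as "10.1"; require the
            // canonical dotted quad so the rule blocks exactly what the operator typed.
            if (address.ToString() != text) return false;
        }
        else if (address.AddressFamily != AddressFamily.InterNetworkV6) return false;

        // Refuse addresses whose block rule would cut off the machine itself or its admins.
        if (IPAddress.IsLoopback(address)) return false;
        if (address.Equals(IPAddress.Any) || address.Equals(IPAddress.IPv6Any)) return false;
        if (NeverBlock.Contains(address)) return false;

        canonical = address.ToString();
        return true;
    }
}
```

In the click handler, the returned `canonical` string would be used for both the rule name and `RemoteAddresses` in place of the raw text box value.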