How To Add Bulk Ip Addresses To Firewall Deny Rules?

Does anyone know a quick (batch/bulk/auto) way of adding a truck load of IP addresses into BitDefender 2011 - from a text or CSV file to the BD IS2011 firewall rules.

I have a large list of IP addresses I want to block and want to create firewall rules to 'DENY' all of them.

They are on too many subnets and are too many to enter manually.

I've tried searching this forum for this (and various search engines) - but it only shows how to add 1 at a time.

Any ideas?

PS. I've had a look at C:\Program Files\BitDefender\BitDefender 2011\settings\Firewall\rules.xml

In fact - it would be easy for me to write a ****** to add the required XML to this file - except that the file is open by BD and won't allow saving of the edited file.

Find more posts tagged with

Comments

Cristi Raducu

Hello bjh,

The file that keeps these rules is called profiles.xml located in C:\Program Files\BitDefender\BitDefender 2011\settings\Firewall

Changes to this file can be made only in safe mode.

bjh

Hello bjh,

The file that keeps these rules is called profiles.xml located in C:\Program Files\BitDefender\BitDefender 2011\settings\Firewall

Changes to this file can be made only in safe mode.

Hi Cristi,

Thanks for the info.

Had a look at this file - and it uses the format... (which appears perfect for me)

action=1 is deny

action=0 is allow

...easy enough.

However, are you able to please explain the mask format? Is "128" the equivalent of a /32 (255.255.255.255) mask in the network world?

unknown

Hi,

Yes the 128 is the equivalent of the /32 netmask.

bjh

Hi,

Yes the 128 is the equivalent of the /32 netmask.

Hi and thanks DanyDan,

I probably should've been a bit more elaborate - but how do you come about this mask?

If I wanted to cover an entire subnet - would it be...

<zone address="1.2.3.0" mask="96" action="1"></zone> - for a /24??

<zone address="1.2.0.0" mask="64" action="1"></zone> - for a /16?

<zone address="1.2.0.0" mask="72" action="1"></zone> - for a /18?

Etc.

Is there any reason for this strange mask type? Are you able to explain the logic?

unknown

Hi,

Sorry but I am not allowed to elaborate on this matter as it is not public information.

bjh

Hi,

Sorry but I am not allowed to elaborate on this matter as it is not public information.

No worries I think I have enough to work with now - thanks for all your help ppl.

PS. This may be the wrong place for this - but do you know if BitDefender have anything planned for future releases - to incorporate or add the ability to add public blacklists (or whitelists) such as those provided by iBlocklist and similar?