How To Add Bulk Ip Addresses To Firewall Deny Rules?

Does anyone know a quick (batch/bulk/auto) way of adding a truck load of IP addresses into BitDefender 2011 - from a text or CSV file to the BD IS2011 firewall rules.


I have a large list of IP addresses I want to block and want to create firewall rules to 'DENY' all of them.


They are on too many subnets and are too many to enter manually.


I've tried searching this forum for this (and various search engines) - but it only shows how to add 1 at a time.


Any ideas?


PS. I've had a look at C:\Program Files\BitDefender\BitDefender 2011\settings\Firewall\rules.xml


In fact - it would be easy for me to write a ****** to add the required XML to this file - except that the file is open by BD and won't allow saving of the edited file.

Comments

  • Hello bjh,


    The file that keeps these rules is called profiles.xml located in C:\Program Files\BitDefender\BitDefender 2011\settings\Firewall


    Changes to this file can be made only in safe mode.

  • Hello bjh,


    The file that keeps these rules is called profiles.xml located in C:\Program Files\BitDefender\BitDefender 2011\settings\Firewall


    Changes to this file can be made only in safe mode.


    Hi Cristi,


    Thanks for the info.


    Had a look at this file - and it uses the format... (which appears perfect for me)


    <zone address="1.2.3.4" mask="128" action="1"></zone>


    action=1 is deny


    action=0 is allow


    ...easy enough.


    However, are you able to please explain the mask format? Is "128" the equivalent of a /32 (255.255.255.255) mask in the network world?

  • Hi,


    Yes the 128 is the equivalent of the /32 netmask.

  • Hi,


    Yes the 128 is the equivalent of the /32 netmask.


    Hi and thanks DanyDan,


    I probably should've been a bit more elaborate - but how do you come about this mask?


    If I wanted to cover an entire subnet - would it be...


    <zone address="1.2.3.0" mask="96" action="1"></zone> - for a /24??


    <zone address="1.2.0.0" mask="64" action="1"></zone> - for a /16?


    <zone address="1.2.0.0" mask="72" action="1"></zone> - for a /18?


    Etc.

    Is there any reason for this strange mask type? Are you able to explain the logic?


    :)

  • Hi,


    Sorry but I am not allowed to elaborate on this matter as it is not public information.

  • Hi,


    Sorry but I am not allowed to elaborate on this matter as it is not public information.


    No worries I think I have enough to work with now - thanks for all your help ppl.


    PS. This may be the wrong place for this - but do you know if BitDefender have anything planned for future releases - to incorporate or add the ability to add public blacklists (or whitelists) such as those provided by iBlocklist and similar?