Windows : Blocking IP from command line

By | November 8, 2014

Here is two commands to wither block a single or group of IPs on the Windows Firewall using the command line. Please note that you will need elevated privileges to run these commands.

1. Block a single IP (or subnet*)

*You will need to change the mask “/32” with the actual subnet mask to block the entire subnet.

Example (using IP :

2. Block a list of IPs/subnets

– You will first need to create your list of IPs/subnet in a plain text file, one entry per line and name it as “ips.txt”
– Then, run the following command under the same location¬†where your file “ips.txt” has been saved

NOTE : Additionally, you can also block the traffic from your machine toward the remote host (outbound) by modifying the “dir=in” statement to “dir=out”.