Reputation: 1
I am trying to create a domain whitelisting job where I am blocking the default outbound action and allowing a single domain or multiple domains. This is working fine, but I found that some sites return different IP addresses each time the command to get the IP is run.
To set the default outbound policy to "Block", I am running this command:
Set-NetFirewallProfile -Profile Domain, Private, Public -DefaultOutboundAction Block -ErrorAction Stop
To find the IP addresses of a domain and create a firewall rule to allow it, I am using this command:
# Resolve the domain and keep only the IP addresses from the answer
$ResolvedIPs = Resolve-DnsName $domainName -ErrorAction Stop | Select-Object -ExpandProperty IPAddress
# Create one outbound allow rule per resolved address
foreach ($IP in $ResolvedIPs) {
    $ruleName = "Allow ${domainName} for ${username}"
    New-NetFirewallRule -DisplayName $ruleName -Direction Outbound -Action Allow -RemoteAddress $IP -Protocol TCP -Profile Domain, Private, Public -ErrorAction Stop
}
IP addresses for domains like x.com and reddit.com are the same each time the script is run, but for domains like facebook.com and quora.com, the IP addresses are different each time the command is run. How can I get all IP addresses or a range of IP addresses for any domain using PowerShell?
Upvotes: 0
Views: 110
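
An added example, not part of the original post: when a name returns different addresses per lookup, as described above, one approach is to merge the A and AAAA answers from several lookups into a single allow rule and refresh that rule on each run. The function name `Sync-DomainAllowRule`, the sample count and the delay are assumptions; addresses that were never observed stay blocked by the default outbound policy.

```powershell
# Added example; Sync-DomainAllowRule and its parameters are hypothetical names.
function Sync-DomainAllowRule {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $DomainName,
        [string] $RuleName = "Allow $DomainName",
        [int] $Samples = 5,        # assumed number of lookups to merge
        [int] $DelaySeconds = 2    # assumed pause between lookups
    )

    $seen = [System.Collections.Generic.HashSet[string]]::new()
    foreach ($i in 1..$Samples) {
        # Without this, the local DNS client cache answers every repeat lookup.
        Clear-DnsClientCache
        foreach ($type in 'A', 'AAAA') {
            # CNAME records in the answer carry no IPAddress property; skip them.
            Resolve-DnsName -Name $DomainName -Type $type -DnsOnly -ErrorAction SilentlyContinue |
                Where-Object { $_.IPAddress } |
                ForEach-Object { [void] $seen.Add([string] $_.IPAddress) }
        }
        if ($i -lt $Samples) { Start-Sleep -Seconds $DelaySeconds }
    }
    if ($seen.Count -eq 0) { throw "No A/AAAA records resolved for $DomainName" }

    $addresses = @($seen | Sort-Object)
    if (Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue) {
        # Replace the address list so stale addresses do not stay allowed.
        Set-NetFirewallRule -DisplayName $RuleName -RemoteAddress $addresses -ErrorAction Stop
    } else {
        New-NetFirewallRule -DisplayName $RuleName -Direction Outbound -Action Allow `
            -RemoteAddress $addresses -Protocol TCP `
            -Profile Domain, Private, Public -ErrorAction Stop | Out-Null
    }
    return $addresses
}

# Requires an elevated session; the domain is one of those named in the post.
Sync-DomainAllowRule -DomainName 'facebook.com'
```

Running this on a schedule keeps the rule close to what DNS currently returns, but DNS gives no way to enumerate every address behind a name, so a connection to an address handed out between runs can still be blocked.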