RAHUL JHA

Reputation: 1

How can I get all possible IP addresses when allowing a domain in Windows Firewall?

I am trying to create a domain whitelisting job where I am blocking the default outbound action and allowing a single domain or multiple domains. This is working fine, but I found that some sites return different IP addresses each time the command to get the IP is run.

To set the default outbound policy to "Block", I am running this command:

Set-NetFirewallProfile -Profile Domain, Private, Public -DefaultOutboundAction Block -ErrorAction Stop

To find the IP addresses of a domain and create a firewall rule to allow it, I am using this command:

# Resolve the domain and keep only the IP addresses from the answer
$ResolvedIPs = Resolve-DnsName $domainName -ErrorAction Stop | Select-Object -ExpandProperty IPAddress
foreach ($IP in $ResolvedIPs) {
    # One outbound allow rule per resolved address
    $ruleName = "Allow ${domainName} for ${username}"
    New-NetFirewallRule -DisplayName $ruleName -Direction Outbound -Action Allow -RemoteAddress $IP -Protocol TCP -Profile Domain, Private, Public -ErrorAction Stop
}

IP addresses for domains like x.com and reddit.com are the same each time the script is run, but for domains like facebook.com and quora.com, the IP addresses are different each time the command is run. How can I get all IP addresses or a range of IP addresses for any domain using PowerShell?

Upvotes: 0

Views: 110
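
The following is an added example, not part of the original question: one way to keep a single allow rule per domain and grow its address list with every address seen across repeated lookups, instead of creating one rule per lookup result. The function name `Update-DomainAllowRule` and the parameters `$Rounds` and `$DelaySeconds` are hypothetical; the result is only the set of addresses observed in DNS answers so far, because DNS offers no query that lists every address a name can resolve to.

```powershell
# Added example; function and parameter names are hypothetical.
function Update-DomainAllowRule {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $DomainName,
        [Parameter(Mandatory)] [string] $RuleName,
        [int] $Rounds = 5,          # lookups per run
        [int] $DelaySeconds = 2     # pause between lookups
    )

    $seen = [System.Collections.Generic.HashSet[string]]::new()

    # Start from the addresses the rule already allows, so earlier runs are not lost.
    $rule = Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue
    if ($rule) {
        $existing = ($rule | Get-NetFirewallAddressFilter).RemoteAddress
        foreach ($a in $existing) { if ($a -ne 'Any') { [void]$seen.Add($a) } }
    }

    for ($i = 0; $i -lt $Rounds; $i++) {
        foreach ($type in 'A', 'AAAA') {
            # An answer can also carry CNAME records, which have no IPAddress property.
            $records = Resolve-DnsName -Name $DomainName -Type $type -DnsOnly -ErrorAction SilentlyContinue
            foreach ($r in $records) {
                if ($r.Type -in 'A', 'AAAA' -and $r.IPAddress) { [void]$seen.Add($r.IPAddress) }
            }
        }
        Start-Sleep -Seconds $DelaySeconds
    }

    # Fail closed: never write an empty address list into an allow rule.
    if ($seen.Count -eq 0) { throw "No addresses resolved for $DomainName" }
    $addresses = @($seen | Sort-Object)

    if ($rule) {
        Set-NetFirewallRule -DisplayName $RuleName -RemoteAddress $addresses -ErrorAction Stop
    } else {
        New-NetFirewallRule -DisplayName $RuleName -Direction Outbound -Action Allow `
            -RemoteAddress $addresses -Protocol TCP -Profile Domain, Private, Public -ErrorAction Stop | Out-Null
    }
    return $addresses
}
```

Because the list only ever grows, addresses the domain no longer uses stay allowed until the rule is rebuilt, so the rule should be reviewed or recreated periodically.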

Answers (0)
