The recommended number of IP addresses to block, which can be added to one rule Windows Firewall RRS feed

  • Question

  • Good afternoon.

    Interested in the question, I need to create a rule to deny access the server with the specified IP address. List of large - about 50 thousand. So how can I add an IP rule blocking connections from IP addresses. If they will be in Rule 10000 does not affect whether it is the speed of the server and of the whole will be any changes in your work?

    The bottom line is that I have added 10,000 IP rule. Through the API Windows Firewall, I realized that the maximum number of IP addresses that I can add is equal 10000 (10001 already swears "array bounds are invalid"). Rule added - these IP-addresses are blocked. The question is - Will the fact that the rule as many IP addresses on the server rate.

    Is it possible to set this rule remotely on multiple servers?
    Tuesday, August 19, 2014 10:00 AM

All replies

  • Hi,

    I can't find any document about this limitation.

    But it is not recommended to add so many rules in Windows Firewall. It will be resource intensive.

    Could you use the wildcard? It can reduce the number of the rules.

    Best Regards.

    Steven Lee

    TechNet Community Support

    Thursday, August 21, 2014 8:59 AM
  • The problem is that I have a list with all sorts of boats. And a lot of them, weed out Google, Bing and the other normal. And anyway the list is large. And to * not otseit - they are almost all different.
    Thursday, August 21, 2014 10:43 AM
  • Hi,

    We may try to input multiple IP addresses in one rule.

    Here is the screenshot of my lab server.

    Best Regards.

    Steven Lee

    TechNet Community Support

    • Marked as answer by Steven_Lee0510 Monday, September 1, 2014 2:49 AM
    • Unmarked as answer by mysqld1 Monday, September 1, 2014 9:36 AM
    Monday, August 25, 2014 1:04 PM