Add IP Addresses to a Firewall Rule
Some of our services are locked down with a list of approved IP addresses. Managing that list through the firewall UX can be a pain, so this snippet comes in handy.
For this snippet I use an extra array because I was unable to get $FirewallAddressFilter.RemoteAddress.Add('126.96.36.199') to work. Other than that, it works great.
It also provides a nice backup of the IP addresses before the change is made.
```powershell
<#
# Get a list of firewall rules, helpful to find the rule to modify
Get-NetFirewallRule | Where Enabled -eq $true | select Name, DisplayName, Enabled | sort DisplayName
#>

# Get the Firewall rule
$rule = Get-NetFirewallRule -DisplayName 'My Firewall Rule'

# Get the Address Filter for the Firewall Rule
$FirewallAddressFilter = $rule | Get-NetFirewallAddressFilter

# Export the existing address filter to a file, just in case
$FirewallAddressFilter | ConvertTo-Json | Out-File (Join-Path $home FirewallAddressFilter.json)

# Show the current number of addresses
$FirewallAddressFilter.RemoteAddress.Count

# Create a new array using the existing addresses
# (wrapped in @() so a rule with a single address still yields an array, not a string)
$newRemoteAddressArray = @($FirewallAddressFilter.RemoteAddress)

# Add addresses to the array
$newRemoteAddressArray += @(
    '188.8.131.52'
    '184.108.40.206'
    '220.127.116.11'
)

# Show the future number of addresses
$newRemoteAddressArray.Count

# Replace the current addresses with the future addresses
$FirewallAddressFilter.RemoteAddress = $newRemoteAddressArray

# Save the Address Filter
$FirewallAddressFilter | Set-NetFirewallAddressFilter
```
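The same change wrapped in a reusable function that validates and de-duplicates the new addresses, refuses to touch a rule scoped to Any, and supports -WhatIf. This is an added example, not the author's code: the function name Add-AllowedRemoteAddress and the sample addresses are assumptions, and it handles literal addresses only, not subnets or ranges.

```powershell
# Added example, not the author's code. Add-AllowedRemoteAddress is a hypothetical name.
function Add-AllowedRemoteAddress {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]   $DisplayName,
        [Parameter(Mandatory)][string[]] $Address,
        [string] $BackupPath = (Join-Path $HOME 'FirewallAddressFilter.json')
    )
    # Display names are not unique; refuse to edit more than one rule at a time.
    $rule = @(Get-NetFirewallRule -DisplayName $DisplayName -ErrorAction Stop)
    if ($rule.Count -ne 1) { throw "Expected 1 rule named '$DisplayName', found $($rule.Count)." }
    $filter  = $rule[0] | Get-NetFirewallAddressFilter
    $current = @($filter.RemoteAddress)
    # A rule scoped to Any is not an approved-address list; stop instead of narrowing it.
    if ($current -contains 'Any') { throw "Rule '$DisplayName' currently allows Any remote address." }

    # Keep only literal IP addresses (subnets and ranges are out of scope here).
    $valid = @(foreach ($a in $Address) {
        $text = $a.Trim(); $ip = $null
        $ok = [System.Net.IPAddress]::TryParse($text, [ref]$ip)
        # TryParse accepts IPv4 shorthand such as '10.1' (10.0.0.1); require the full form.
        if ($ok -and $ip.AddressFamily -eq 'InterNetwork') { $ok = $ip.ToString() -eq $text }
        if ($ok) { $text } else { Write-Warning "Skipping '$a': not a literal IP address" }
    })
    # Drop addresses already on the rule and duplicates within the input.
    $new = @($valid | Where-Object { $current -notcontains $_ } | Select-Object -Unique)
    if ($new.Count -eq 0) { Write-Verbose 'Nothing to add.'; return }

    if ($PSCmdlet.ShouldProcess($DisplayName, "Add $($new -join ', ')")) {
        # Same backup as the snippet above, taken before the change.
        $filter | ConvertTo-Json | Out-File $BackupPath
        $filter | Set-NetFirewallAddressFilter -RemoteAddress ($current + $new)
        # Read the rule back and report anything that did not land as typed.
        $after = @(($rule[0] | Get-NetFirewallAddressFilter).RemoteAddress)
        $new | Where-Object { $after -notcontains $_ } |
            ForEach-Object { Write-Warning "Check '$_': not found verbatim after the update" }
    }
}

# Constructed sample input (documentation-range addresses); -WhatIf previews without changing the rule.
Add-AllowedRemoteAddress -DisplayName 'My Firewall Rule' -WhatIf -Address @(
    '192.0.2.10', '203.0.113.7', '192.0.2.10', '10.1', 'not-an-ip'
)
```

Drop -WhatIf to apply the change; the backup file is overwritten on each run, so copy it elsewhere if you need history.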