Quick question for setting up Windows Defender Firewall rules:

  • Is there a boolean NOT operator that can be used with IP addresses?

What I would like to do is create an outbound firewall rule to block DNS lookups from everything except a specific IP address as a source IP address. (The source IP address that would be spared from this not operator is tied to an interface and is thus predictable; all other IP addresses could change based on connected wifi network and thus listing all possible IP ranges isn't particularly feasible).

Something I've also tried is just blocking UDP/53 outbound for the entire wifi network card type in Windows Firewall, which does work, so this question is more for my own general knowledge about the granularity that I can obtain with Windows Firewalls.

  • I am not a Firewall expert. Did you try "Create Outbound Rule"? And then under Scope, restrict the IP Address? (that is, specify and not use ANY)?
    – anon
    Commented Dec 5, 2022 at 20:00
  • I guess I should've specified, I have the default outbound any. Thank you for the idea though. Commented Dec 5, 2022 at 20:41
  • There is not a NOT rule so far as I know. So you will have to change FROM start of subnet TO IP not allowed FROM after IP not allowed TO end of subnet.
    – anon
    Commented Dec 5, 2022 at 21:44
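An added example (not from the question or the comments above) of how the "two ranges around the excluded address" workaround described in the last comment looks when scripted. Windows Defender Firewall has no NOT operator in a rule's scope, but `-LocalAddress` accepts a list of `start-end` ranges, so "every local address except X" can be expressed as the range below X plus the range above X. The spared address `192.168.50.10` and the rule names are placeholders; the default of covering the whole IPv4 space (`0.0.0.0/0`) rather than just the interface's subnet is an assumption and should be checked against what the engine actually stores (the last line shows how). Run in an elevated PowerShell session.

```powershell
# Added example: build the complement of one IPv4 address as firewall address ranges
# and attach them to outbound block rules for DNS (UDP and TCP 53).
# The spared address, CIDR default and rule names below are assumptions.

function ConvertTo-UInt32Address([string]$Ip) {
    # Dotted quad -> unsigned integer (big-endian byte order, no BitConverter endianness surprises)
    [uint64]$n = 0
    foreach ($b in [System.Net.IPAddress]::Parse($Ip).GetAddressBytes()) { $n = ($n * 256) + $b }
    return $n
}

function ConvertFrom-UInt32Address([uint64]$N) {
    return ('{0}.{1}.{2}.{3}' -f (($N -shr 24) -band 255), (($N -shr 16) -band 255),
                                   (($N -shr 8) -band 255), ($N -band 255))
}

function Get-ComplementRanges {
    # Returns the one or two "start-end" ranges inside $Cidr that exclude exactly $ExcludedIPv4.
    param(
        [Parameter(Mandatory)][string]$ExcludedIPv4,
        [string]$Cidr = '0.0.0.0/0'   # assumption: whole IPv4 space; pass the interface subnet to narrow it
    )
    $net, $prefix = $Cidr -split '/'
    [uint64]$all  = 4294967295
    [uint64]$mask = if ([int]$prefix -eq 0) { 0 } else { ($all -shl (32 - [int]$prefix)) -band $all }
    $start = (ConvertTo-UInt32Address $net) -band $mask
    $end   = $start -bor ($all -bxor $mask)
    $x     = ConvertTo-UInt32Address $ExcludedIPv4
    if ($x -lt $start -or $x -gt $end) { throw "$ExcludedIPv4 is not inside $Cidr" }

    $ranges = @()
    if ($x -gt $start) { $ranges += ('{0}-{1}' -f (ConvertFrom-UInt32Address $start), (ConvertFrom-UInt32Address ($x - 1))) }
    if ($x -lt $end)   { $ranges += ('{0}-{1}' -f (ConvertFrom-UInt32Address ($x + 1)), (ConvertFrom-UInt32Address $end)) }
    return $ranges
}

$spared = '192.168.50.10'                         # assumption: the interface address still allowed to resolve DNS
$ranges = Get-ComplementRanges -ExcludedIPv4 $spared
# e.g. 0.0.0.0-192.168.50.9 and 192.168.50.11-255.255.255.255

foreach ($proto in 'UDP', 'TCP') {
    New-NetFirewallRule -DisplayName "Block DNS except $spared ($proto)" `
        -Direction Outbound -Action Block -Protocol $proto -RemotePort 53 `
        -LocalAddress $ranges -Profile Any | Out-Null
}

# Check what the engine actually stored for the scope (confirms the ranges were accepted as written).
Get-NetFirewallRule -DisplayName "Block DNS except $spared*" | Get-NetFirewallAddressFilter
```

If the engine rejects `0.0.0.0` as a range start, call `Get-ComplementRanges` with `-Cidr` set to the spared interface's subnet, which is exactly the comment's "start of subnet to IP, after IP to end of subnet" form. The interface-based rule the question already found (`New-NetFirewallRule ... -InterfaceType Wireless`) remains the simpler option when the goal is just "no DNS over Wi-Fi", since it does not depend on address ranges at all.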