If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#1
|
|||
|
|||
How do you block an IP address on Windows?
I'm just learning Wireshark where all I'm doing at the moment is going line
by line to see what IP addresses are accessed by my computer when I am doing nothing and the computer is just on. In Wireshark I see connections to IP addresses which I look up and find out who they are but I have no idea why my computer is connecting to them. I tried putting them in the HOSTS file but HOSTS doesn't work this way. # 127.0.0.1 104.28.17.56 # Wireshark - Cloudflare # 127.0.0.1 172.217.5.206 # Wireshark - Google Search Engine Spider # 127.0.0.1 152.195.54.20 # Wireshark - ANS Communication Verizon Busines # 127.0.0.1 224.0.0.252 # Wireshark - MCAST-NET IANA Special Use (probably ok) Since I have no idea why my computer is connecting to these IP addresses, I'll just block them, but how? |
Ads |
#2
|
|||
|
|||
How do you block an IP address on Windows?
On 8/21/2017 12:30 AM, Bram van den Heuvel wrote:
I'm just learning Wireshark where all I'm doing at the moment is going line by line to see what IP addresses are accessed by my computer when I am doing nothing and the computer is just on. In Wireshark I see connections to IP addresses which I look up and find out who they are but I have no idea why my computer is connecting to them. I tried putting them in the HOSTS file but HOSTS doesn't work this way. # 127.0.0.1 104.28.17.56 # Wireshark - Cloudflare # 127.0.0.1 172.217.5.206 # Wireshark - Google Search Engine Spider # 127.0.0.1 152.195.54.20 # Wireshark - ANS Communication Verizon Busines # 127.0.0.1 224.0.0.252 # Wireshark - MCAST-NET IANA Special Use (probably ok) Since I have no idea why my computer is connecting to these IP addresses, I'll just block them, but how? I may be wrong but I think you have the IP pairings reversed. Try something more like; 104.28.17.56 127.0.0.1 # to send the first IP into the black hole that the 127 address uses. --- This email has been checked for viruses by AVG. http://www.avg.com |
#3
|
|||
|
|||
How do you block an IP address on Windows?
Given news
wrote:
I may be wrong but I think you have the IP pairings reversed. Try something more like; 104.28.17.56 127.0.0.1 # to send the first IP into the black hole that the 127 address uses. I looked up if the HOSTS file can handle IP addresses but it can't. It only blocks domain names using the syntax 127.0.0.1 www.google.com So what you saw in my original post is just the comments in my HOSTS. I just rebooted and watched Wireshark capture the following IP addresses. # 23.215.102.64 # Wireshark - Akamai Technologies # 64.4.54.50 # Wireshark - Microsoft Corporation # 65.55.252.202 # Wireshark - Microsoft Corporation # 72.21.91.29 # Wireshark - EDGECAST-NETBLK-01 Verizon # 104.16.91.188 # Wireshark - Cloudflare, Inc. # 104.17.104.175 # Wireshark - Cloudflare, Inc. # 104.28.17.56 # Wireshark - Cloudflare # 152.195.54.20 # Wireshark - ANS Communication Verizon Business # 172.217.5.206 # Wireshark - Google Search Engine Spider # 204.79.197.200 # Wireshark - Microsoft Corporation (MSFT) # 216.239.39.21 # Wireshark - Google # 224.0.0.252 # Wireshark - MCAST-NET IANA Special Use I didn't touch anything and these are being accessed so I just want to block them. What's the method Windows 10 blocks specific IP addresses? |
#4
|
|||
|
|||
How do you block an IP address on Windows?
On Mon, 21 Aug 2017 06:10:01 +0000 (UTC), Bram van den Heuvel wrote:
What's the method Windows 10 blocks specific IP addresses? That is the job of your firewall, whichever it is. -- Kind regards Ralph 🦊 |
#5
|
|||
|
|||
How do you block an IP address on Windows?
On 8/20/2017 11:53 PM, Ralph Fox wrote:
On Mon, 21 Aug 2017 06:10:01 +0000 (UTC), Bram van den Heuvel wrote: What's the method Windows 10 blocks specific IP addresses? That is the job of your firewall, whichever it is. Comodo firewall will let you do that easily. Beware that there may be unintended consequences. For example, a typical webpage loads other pages that load other pages that.... The content you want to see may be at the end of that cascade. Block part of it also blocks the content you wish to view. Anything hosted by MS has the technical ability to cause you enough discomfort that you won't do it. I expect the same goes for google. |
#6
|
|||
|
|||
How do you block an IP address on Windows?
On Mon, 21 Aug 2017 06:10:01 +0000 (UTC), Bram van den Heuvel
wrote: Given news wrote: I may be wrong but I think you have the IP pairings reversed. Try something more like; 104.28.17.56 127.0.0.1 # to send the first IP into the black hole that the 127 address uses. I looked up if the HOSTS file can handle IP addresses but it can't. Correct. The hosts file is accessed when the system needs to perform a DNS query. If the system tries to access a specific IP address directly, there's no DNS query and hence no need to check the hosts file. It only blocks domain names using the syntax 127.0.0.1 www.google.com So what you saw in my original post is just the comments in my HOSTS. I just rebooted and watched Wireshark capture the following IP addresses. # 23.215.102.64 # Wireshark - Akamai Technologies # 64.4.54.50 # Wireshark - Microsoft Corporation # 65.55.252.202 # Wireshark - Microsoft Corporation # 72.21.91.29 # Wireshark - EDGECAST-NETBLK-01 Verizon # 104.16.91.188 # Wireshark - Cloudflare, Inc. # 104.17.104.175 # Wireshark - Cloudflare, Inc. # 104.28.17.56 # Wireshark - Cloudflare # 152.195.54.20 # Wireshark - ANS Communication Verizon Business # 172.217.5.206 # Wireshark - Google Search Engine Spider # 204.79.197.200 # Wireshark - Microsoft Corporation (MSFT) # 216.239.39.21 # Wireshark - Google # 224.0.0.252 # Wireshark - MCAST-NET IANA Special Use I didn't touch anything and these are being accessed so I just want to block them. What's the method Windows 10 blocks specific IP addresses? A proper firewall allows you to 'drop' traffic destined for a particular host. Even the Windows firewall appears to offer that capability, although I haven't used it there. Inbound blocks appear to be more common, but they mention that outbound blocks are also possible. https://answers.microsoft.com/en-us/windows/forum/windows_7-security/how-do-i-block-outbound-and-inbound-specific-ip/d42c58d0-2693-4a10-a4e4-331b7d041036?auth=1 Your router might also have such a feature built in. My TP-Link Archer C9 does, for example, under the Advanced settings, called Access Control. Those two methods would affect every PC on the LAN. Here's a method that only affects a single PC, regardless of the Windows version. Create a persistent "host route" that essentially blackholes the traffic that you don't like. In a Command Prompt, type "route /?" to see the basic help for adding a route. You'd want it to be persistent so it survives across reboots, (or use a script that recreates all of your routes each time you boot), and you'd want the gateway IP to be an address on your LAN that doesn't exist; i.e., a black hole. For example, to block outgoing traffic (from this PC only) to 8.8.8.8 route -p add 8.8.8.8 255.255.255.255 192.168.1.254 where the following: route: the actual command -p: make it persistent add: we're going to add a new route to the routing table 8.8.8.8: the IP you want to block 255.255.255.255: block the single IP, not a range or subnet 192.168.1.254: non-existent IP on the LAN As traffic for 8.8.8.8 travels up the network stack prior to leaving the PC, the routing table is consulted. Lo and behold, there's a route there that provides special instructions for only this traffic. Everything else is unaffected. For this traffic, instead of sending it to the default gateway, let's send it to a non-existent IP address within the LAN. It'll time out and die, never leaving the LAN. |
#7
|
|||
|
|||
How do you block an IP address on Windows?
"Bram van den Heuvel" wrote
| I looked up if the HOSTS file can handle IP addresses but it can't. | It only blocks domain names using the syntax | 127.0.0.1 www.google.com | Yes. It's basically a phone book. If your browser or other software already know the IP then there's no need for a HOSTS check. If the IP is cached there's also no HOSTS check. But there are also other complications. For example: * Microsoft or others might hard-code IPs for calling home. * Domains like Akamai and Cloudflare may not be getting called directly. They provide a large amount of Interent content, as subcontractors. A company like MS might contract with Akamai to use their servers when they get heavy loads. The problem there is that Akamai is not in any way linked through the webpage you visit. It's a back-end setup. Akamai is also selling your personal info.** But it's hard to do anything about it. First, if you block them you might lose a lot of pages. Second, even if you didn't mind that, your browser doesn't look it up so you can't stop it in HOSTS. It seems to somehow go through the target site, acting like a back-end server at the site you're visiting. Wireshark shows that you're connected to Akamai, but there are no Akamai links in the webpage. You're being forwarded server-side. That's a whole new(ish) category of online tracking. Things were originally designed to prevent privacy intrusion online. For example, sites are not allowed to access cookies except from their own domain. But numerous tricks have been developed to circumvent that, such as 3rd-party cookies or web bugs that allow you to be tracked across domains, and heavy use of script to monitor your actions on a page, such as mouse movement, hover, or clicking. Content delivery services, which serve a legitimate purpose, have nevertheless become an additional privacy problem. That kind of server-side redirect opens up lots of possibilities. As others have said, most newer routers will allow you to completely block specific IP addresses. While that might help with Win10 spyware, it may not be feasible to block all Akamai or Cloudflare IPs, and you probably wouldn't want to. ------------------------------------ ** The Akamai story: https://blogs.wsj.com/digits/2010/11...ee-technology/ That link is currently just a teaser to sign up with WSJ. Originally the whole article was available. The gist of it is that Akamai is estimated to provide 15-30% of Web traffic, allowing them to monitor your activity closely despite you never actually visiting their site. (The rest of the article is mostly damage control, with Akamai spokespeople claiming that advertising (read "spying") is "not their main business". |
#8
|
|||
|
|||
How do you block an IP address on Windows?
Bram van den Heuvel wrote:
I'm just learning Wireshark where all I'm doing at the moment is going line by line to see what IP addresses are accessed by my computer when I am doing nothing and the computer is just on. In Wireshark I see connections to IP addresses which I look up and find out who they are but I have no idea why my computer is connecting to them. I tried putting them in the HOSTS file but HOSTS doesn't work this way. # 127.0.0.1 104.28.17.56 # Wireshark - Cloudflare # 127.0.0.1 172.217.5.206 # Wireshark - Google Search Engine Spider # 127.0.0.1 152.195.54.20 # Wireshark - ANS Communication Verizon Busines # 127.0.0.1 224.0.0.252 # Wireshark - MCAST-NET IANA Special Use (probably ok) Since I have no idea why my computer is connecting to these IP addresses, I'll just block them, but how? The fact you can see 1e100.net (172.217.5.206) addresses, means this is *incoming* traffic. That's the reports I've received in the past, of someone getting hammered by 1e100.net (Google). The only way there'd be *outgoing* packets, is if the web server you're running on your PC, answered the Google probe on port 80 and was sending HTML pages back to Google. If you have a router box in the network diagram (connect to broadband with a modem/router box), the diagram can look like this. With this setup, incoming 1e100.net probes fall on the floor, at the router box. This is why practically nobody in this group has seen a 1e100.net packet in Wireshark. They may have seen it with IPV6 addresses, but the above 172.217.5.206 is an IPV4 address, and could be stopped by some flavor of NAT in the router. If you Port Forward the Port 80 on the outside, to PC#4, then you could see and receive 1E100.net IPV4 packets. If you're using a VPN, I presume it is *downstream* of where Wireshark is looking, and you cannot see the traffic there. With TCPView, you're looking at established connections, not just random incoming packets. I'm normally only looking for established connections, any time I've tried to use TCPView. RJ11 --- ADSL --- ADSL box --------- How to monitor traffic here??? Modem router ----- | (NAT or ----- v Firewall) ----- PC#4 --- (VPN???) --- firewall --- applications ^ ie100.net --+ | | Wireshark v looks here? If you connect directly to the Internet with an ADSL modem or a "bridged" modem/router, then it looks like this. My problem with these diagrams, is you cannot always see the incoming packets. Wireshark is only supposed to be using the promiscuous interface on the actual Ethernet (PCAP) or Wifi (AirCap???). OS Terminates PPPOE protocol. Username/password dialog etc. | v RJ11 --- ADSL --- PC#4 --- (PPPOE) --- (VPN???) --- firewall --- applications Modem ^ ^ tap/tun? | | Wireshark See 1e100.net here ? How ? looks here? Sees PPPOE encapsulation... Might need PPPOE dissector for visibility. It's outside my pay level to fix this. You can have one or two firewalls in the picture. You can replace the Windows firewall with a third party firewall if you want. The firewalls could use IPTables, and have rules for ingress and egress. AFAIK, the Windows firewall also has ingress and egress rules. I generally *do not recommend* the second hardware configuration. If you know what you're doing, and are the Wizard of Networking, then fine, go right ahead... The second configuration is not forgiving of mistakes. The top configuration, a hacker can pwn your modem/router box, using a known exploit. In the second configuration, you're relying on "bulletproof Windows" for your protection. SMB1, anybody ? Here comes your copy of Wannacrypt. If you don't own a router box, and want to buy one this morning, make sure it's well documented and has facilities to actually do stuff with the Firewall. My first router, which cost $300, only had room for around 10 rules in the interface, and the hardware happened to be extremely limited. That's no longer the case today, when there is a Linux kernel running inside the router box, and the router box can have something better than a 500MHz MIPS processor to run the whole show. While it's fun to be listing these IP addresses above, the fact you can see them, has implications about your config... Google has a zillion spiders, so blocking 172.217.5.206 won't stop the other zillion minus one. A person would be delusional to even try that. Maybe blocking 1e100.net domain would help ? See, it's outside my pay scale... Whatever you're doing. Paul |
#9
|
|||
|
|||
How do you block an IP address on Windows?
Bram van den Heuvel wrote:
# 127.0.0.1 104.28.17.56 # Wireshark - Cloudflare cloudflare is used as an anti-DDOS frontend to web servers vulnerable to being attacked (e.g. high profile ones) # 127.0.0.1 172.217.5.206 # Wireshark - Google Search Engine Spider if you use nay of google's services (search, youtube, gmail etc) then blocking any part of 1e100.net is unwise # 127.0.0.1 224.0.0.252 # Wireshark - MCAST-NET IANA Special Use (probably ok) that's a multicast address, so unlikely to leave your own network, used for multicast name resolution, it might be related to the Link Local Discover Mapper/Responder protocols if you have then bound to your NIC. Since I have no idea why my computer is connecting to these IP addresses, I'll just block them, but how? Blocking stuff just because you don't know what it is one way to deal with with it, but just beware if stuff starts getting slow, or not working, you might need to re-enable whatever you've blocked to see if it's related. |
#10
|
|||
|
|||
How do you block an IP address on Windows?
Given news
Comodo firewall will let you do that easily. Beware that there may be unintended consequences. Story of my life. For example, a typical webpage loads other pages that load other pages that.... I know. But we can't always be running scared to lock our doors. The content you want to see may be at the end of that cascade. Block part of it also blocks the content you wish to view. Anything hosted by MS has the technical ability to cause you enough discomfort that you won't do it. I expect the same goes for google. I already have a huge hosts file so it wouldn't be the first time. |
#11
|
|||
|
|||
How do you block an IP address on Windows?
Given news
wrote:
That is the job of your firewall, whichever it is. The only firewall I have is Glasswire which I forget why I installed it long ago. Opening up Glasswire it has a "click to block" selection for items its sees, but that's not the same thing because I'd have to find these IP addresses where Glasswire seems to use domain names. |
#12
|
|||
|
|||
How do you block an IP address on Windows?
Given , Char Jackson
wrote: I looked up if the HOSTS file can handle IP addresses but it can't. Correct. The hosts file is accessed when the system needs to perform a DNS query. If the system tries to access a specific IP address directly, there's no DNS query and hence no need to check the hosts file. Thanks for making it make sense as I wasn't sure why the HOSTS file didn't work. A proper firewall allows you to 'drop' traffic destined for a particular host. Even the Windows firewall appears to offer that capability, although I haven't used it there. Inbound blocks appear to be more common, but they mention that outbound blocks are also possible. https://answers.microsoft.com/en-us/windows/forum/windows_7-security/how-do-i-block-outbound-and-inbound-specific-ip/d42c58d0-2693-4a10-a4e4-331b7d041036?auth=1 It seems by all accounts that a software firewall on Windows 10 is the answer. Since I'm not a firewall knowledeable person, and since I'm using Glasswire (I forget why), I'm willing to change the software firewall. What is the recommended firewall for Windows 10 for this blocking purpose? Your router might also have such a feature built in. My TP-Link Archer C9 does, for example, under the Advanced settings, called Access Control. The router has the advantage of working on all the devices, but it also has the disadvantage of being a bit harder to test out for unintended consequences since I don't know what other people in the house are doing at any one time. So I'll try first the machine. Those two methods would affect every PC on the LAN. Here's a method that only affects a single PC, regardless of the Windows version. Create a persistent "host route" that essentially blackholes the traffic that you don't like. Interesting concept! In a Command Prompt, type "route /?" to see the basic help for adding a route. You'd want it to be persistent so it survives across reboots, (or use a script that recreates all of your routes each time you boot), and you'd want the gateway IP to be an address on your LAN that doesn't exist; i.e., a black hole. For example, to block outgoing traffic (from this PC only) to 8.8.8.8 route -p add 8.8.8.8 255.255.255.255 192.168.1.254 where the following: route: the actual command -p: make it persistent add: we're going to add a new route to the routing table 8.8.8.8: the IP you want to block 255.255.255.255: block the single IP, not a range or subnet 192.168.1.254: non-existent IP on the LAN This is neat if it works! I get "route: bad argument 192.168.1.254 As traffic for 8.8.8.8 travels up the network stack prior to leaving the PC, the routing table is consulted. Lo and behold, there's a route there that provides special instructions for only this traffic. Everything else is unaffected. For this traffic, instead of sending it to the default gateway, let's send it to a non-existent IP address within the LAN. It'll time out and die, never leaving the LAN. route -p add 23.215.102.64 255.255.255.255 192.168.1.254 # Wireshark - Akamai Technologies route -p add 64.4.54.50 255.255.255.255 192.168.1.254 # Wireshark - Microsoft Corporation route -p add 65.55.252.202 255.255.255.255 192.168.1.254 # Wireshark - Microsoft Corporation route -p add 72.21.91.29 255.255.255.255 192.168.1.254 # Wireshark - EDGECAST-NETBLK-01 Verizon route -p add 104.16.91.188 255.255.255.255 192.168.1.254 # Wireshark - Cloudflare, Inc. route -p add 104.17.104.175 255.255.255.255 192.168.1.254 # Wireshark - Cloudflare, Inc. route -p add 104.28.17.56 255.255.255.255 192.168.1.254 # Wireshark - Cloudflare route -p add 152.195.54.20 255.255.255.255 192.168.1.254 # Wireshark - ANS Communication Verizon Business route -p add 172.217.5.206 255.255.255.255 192.168.1.254 # Wireshark - Google Search Engine Spider route -p add 204.79.197.200 255.255.255.255 192.168.1.254 # Wireshark - Microsoft Corporation (MSFT) route -p add 216.239.39.21 255.255.255.255 192.168.1.254 # Wireshark - Google route -p add 224.0.0.252 255.255.255.255 192.168.1.254 # Wireshark - MCAST-NET IANA Special Use Am I supposed to get "bad argument" as a result? |
#13
|
|||
|
|||
How do you block an IP address on Windows?
Given , KenW
wrote: The # is to enter comments. The pound sign is just because I started using the HOSTS file and when it didn't work, I commented them out. Ignore the pound sign for our purposes. It was just a cut and paste of the IP addresses which were being sought by my computer when I wasn't doing anything. Haven't used Wireshark, just found way to use it with WiFi, for years. What you see is everything your connection goes through. The output from Wireshark is voluminous but I'm only showing you the IP addresses that showed up after a reboot and after I manually started Wireshark and I watched it for about 10 or 20 minutes. There were hundreds of lines but all of the others didn't go outside the network (for example, there is something that HP does that asks for every single IP address on my local network!). There were broadcasts and other calls to local networks - so these are the IP addresses that went OUT of my network. The question is really a general question which is how best to block any specific IP address (where I know that there can be repercussions but that's not the question). The question is how best to block any given IP address, where the HOSTS file isn't the answer I found out (thanks for everyone who explained why). Either a software or hardware firewall is the answer or the route command is the answer. I'm trying to get the route to work but I must have done something wrong. route -p add 23.215.102.64 255.255.255.255 192.168.1.254 "route: bad argument 192.168.1.254" My network is "normal" as far as I know, with the router at 192.168.1.1 and the rest is a normal setup (afaik). |
#14
|
|||
|
|||
How do you block an IP address on Windows?
"Andy Burns" wrote
| if you use nay of google's services (search, youtube, gmail etc) then | blocking any part of 1e100.net is unwise | I've blocked that for years. I have all of the following Google domains in my Acrylic HOSTS file, which allows wildcards. I occasionally use Google search (when DuckDuckGo doesn't seem up to the task) and sometime Youtube. No problems. But I don't use gmail. I suppose if you're going to use gmail there's not much point trying to protect privacy from Google. 127.0.0.1 *.googlesyndication.com 127.0.0.1 *.googleadservices.com 127.0.0.1 *.googlecommerce.com 127.0.0.1 *.1e100.com 127.0.0.1 *.1e100.net 127.0.0.1 *.doubleclick.net 127.0.0.1 *.doubleclick.com 127.0.0.1 *.googletagservices.com 127.0.0.1 *.googletagmanager.com 127.0.0.1 *.google-analytics.com 127.0.0.1 google-analytics.com 127.0.0.1 fonts.googleapis.com 127.0.0.1 googleadapis.l.google.com 127.0.0.1 ssl.gstatic.com 127.0.0.1 plusone.google.com 127.0.0.1 cse.google.com 127.0.0.1 www.google.com/cse |
#15
|
|||
|
|||
How do you block an IP address on Windows?
On Mon, 21 Aug 2017 16:45:58 +0000 (UTC), Bram van den Heuvel
wrote: Given , Char Jackson wrote: I looked up if the HOSTS file can handle IP addresses but it can't. Correct. The hosts file is accessed when the system needs to perform a DNS query. If the system tries to access a specific IP address directly, there's no DNS query and hence no need to check the hosts file. Thanks for making it make sense as I wasn't sure why the HOSTS file didn't work. A proper firewall allows you to 'drop' traffic destined for a particular host. Even the Windows firewall appears to offer that capability, although I haven't used it there. Inbound blocks appear to be more common, but they mention that outbound blocks are also possible. https://answers.microsoft.com/en-us/windows/forum/windows_7-security/how-do-i-block-outbound-and-inbound-specific-ip/d42c58d0-2693-4a10-a4e4-331b7d041036?auth=1 It seems by all accounts that a software firewall on Windows 10 is the answer. Since I'm not a firewall knowledeable person, and since I'm using Glasswire (I forget why), I'm willing to change the software firewall. What is the recommended firewall for Windows 10 for this blocking purpose? Your router might also have such a feature built in. My TP-Link Archer C9 does, for example, under the Advanced settings, called Access Control. The router has the advantage of working on all the devices, but it also has the disadvantage of being a bit harder to test out for unintended consequences since I don't know what other people in the house are doing at any one time. So I'll try first the machine. Those two methods would affect every PC on the LAN. Here's a method that only affects a single PC, regardless of the Windows version. Create a persistent "host route" that essentially blackholes the traffic that you don't like. Interesting concept! In a Command Prompt, type "route /?" to see the basic help for adding a route. You'd want it to be persistent so it survives across reboots, (or use a script that recreates all of your routes each time you boot), and you'd want the gateway IP to be an address on your LAN that doesn't exist; i.e., a black hole. For example, to block outgoing traffic (from this PC only) to 8.8.8.8 route -p add 8.8.8.8 255.255.255.255 192.168.1.254 where the following: route: the actual command -p: make it persistent add: we're going to add a new route to the routing table 8.8.8.8: the IP you want to block 255.255.255.255: block the single IP, not a range or subnet 192.168.1.254: non-existent IP on the LAN This is neat if it works! I get "route: bad argument 192.168.1.254 Well, it would work if I had provided a proper example. Unfortunately, I omitted the MASK keyword. Try this: route -p add 8.8.8.8 mask 255.255.255.255 192.168.1.254 As traffic for 8.8.8.8 travels up the network stack prior to leaving the PC, the routing table is consulted. Lo and behold, there's a route there that provides special instructions for only this traffic. Everything else is unaffected. For this traffic, instead of sending it to the default gateway, let's send it to a non-existent IP address within the LAN. It'll time out and die, never leaving the LAN. route -p add 23.215.102.64 255.255.255.255 192.168.1.254 # Wireshark - Akamai Technologies route -p add 64.4.54.50 255.255.255.255 192.168.1.254 # Wireshark - Microsoft Corporation route -p add 65.55.252.202 255.255.255.255 192.168.1.254 # Wireshark - Microsoft Corporation route -p add 72.21.91.29 255.255.255.255 192.168.1.254 # Wireshark - EDGECAST-NETBLK-01 Verizon route -p add 104.16.91.188 255.255.255.255 192.168.1.254 # Wireshark - Cloudflare, Inc. route -p add 104.17.104.175 255.255.255.255 192.168.1.254 # Wireshark - Cloudflare, Inc. route -p add 104.28.17.56 255.255.255.255 192.168.1.254 # Wireshark - Cloudflare route -p add 152.195.54.20 255.255.255.255 192.168.1.254 # Wireshark - ANS Communication Verizon Business route -p add 172.217.5.206 255.255.255.255 192.168.1.254 # Wireshark - Google Search Engine Spider route -p add 204.79.197.200 255.255.255.255 192.168.1.254 # Wireshark - Microsoft Corporation (MSFT) route -p add 216.239.39.21 255.255.255.255 192.168.1.254 # Wireshark - Google route -p add 224.0.0.252 255.255.255.255 192.168.1.254 # Wireshark - MCAST-NET IANA Special Use Am I supposed to get "bad argument" as a result? No, if you do a "route print" and check the section of the output that shows the persistent routes, you'll see that you haven't added any new routes yet. In addition to adding the "mask" keyword, you can't add comments, so be sure to remove all of that. After you add routes, do a "route print" to see what the routing table looks like, especially the section for persistent routes: C:\Windows\System32route print ================================================== ========================= Interface List snip ================================================== ========================= IPv4 Route Table ================================================== ========================= Active Routes: Network Destination Netmask Gateway Interface Metric snip ================================================== ========================= Persistent Routes: Network Address Netmask Gateway Address Metric 23.215.102.64 255.255.255.255 192.168.1.254 1 8.8.8.9 255.255.255.255 192.168.1.254 1 ================================================== ========================= snip |
Thread Tools | |
Display Modes | Rate This Thread |
|
|