Skip to main content


Showing posts from March, 2010

Blocking Traffic from Foreign Countries - Creating a block list of Supernets using PowerShell

The following PowerShell script will create a list of supernets that are outside of the United States. The networks created by this script are intended to be used to restrict network traffic from foreign countries. The results of this script aren't perfect and aren't intended to be perfect. There is trade off between the size of the list and accuracy, and I chose to err on the side of a shorter list of networks so it would not add and extra burden to the firewall.
Here is the script:
$debug = 0
# Filter for records that aren't in the US or run by ARIN
$records = ([xml]((New-Object System.Net.WebClient).DownloadString(""))).registry.record | ? {
  $_.designation -notlike "*ARIN*" -and
  $_.status -ne "LEGACY"
# Create array for holding supernets
$supernets = @()
# Add a property for the Binary representation of the first octet
# Add a property for holding the masked bits, used for …