Ability to enter IP CIDR Ranges and Port Blocks rules

There is no option to block an IP range, nor the ability to block ports.

Since GlassWire is replacing other firewall apps, this option needs to be in there because it’s not a good idea to stack firewall apps on top of each other.

It’s a hassle to do this directly within the Windows Firewall control panel, and you could put convenient enable/disable toggles on these rules.

I cannot stress how important this is, because the first thing a user does is “ALLOW” their browser full access. Yet there are many bad actor scripts that spread out their spyware through multiple DNS subdomains. But you can easily stop them totally dead because at the end of the day they route themselves to just a couple of central servers within an IP range. It is NOT enough to just block a single IP address or attempt to block a single DNS address.

Windows has full CIDR/IP blocking ability. This is the equivalent of a Wildcard block.

There are also many dangerous ports left open by Windows, which need to be blocked. GlassWire has no facility to enter port blocks.

Both of these are built into Windows’ native firewall, but you could provide the option to control these.

I have found GlassWire to be more convenient to use than all the other firewalls. It also implements an extremely important feature of keeping a timeline of past activity. Windows has a habit of only running traffic through apps and services when the computer is idle and the screen has been off. As SOON as you wake it up, these apps stop running traffic. GlassWire remembers them and even tells you. This feature alone makes me want to keep GlassWire.

Thanks for your feedback on blocking hosts.

For those who want to do wildcard IP blocks on top of GlassWire, it is as easy as entering a single cmd line, such as this:

netsh advfirewall firewall add rule name="MYBLOCK" protocol=any dir=out action=block remoteip=xxx.xxx.xxx.xxx/xx

For example, suppose you know you want to remove an entire AWS server in Germany from accessing your computer. You don’t care how or why it got into your system; you just want them gone.

netsh advfirewall firewall add rule name="MYBLOCK" protocol=any dir=out action=block remoteip=18.196.0.0/15

There are tools to determine the IP ranges used by offending IPs to know how wide the mask needs to be.

I highly suggest GlassWire implement this in their rule system: first to read the IP range from a single IP, then to add the rule, then to have convenient enable/disables on these rules, since sometimes you may wish to allow them temporarily. Even better to have them auto-disable themselves again after say… 5 minutes?
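
The workflow described in the post above (add an outbound CIDR block, then allow the range temporarily and have the block return by itself) can be scripted today with the NetSecurity cmdlets that ship with Windows. This is an added example, not part of the original thread and not GlassWire code; the function names are hypothetical, and the rule name and range are the ones from the post.

```powershell
#Requires -RunAsAdministrator
# Added example; function names are illustrative, not Windows or GlassWire built-ins.

function Test-Ipv4Network {
    # True only for a dotted-quad IPv4 CIDR whose host bits are all zero,
    # which catches a mistyped prefix length before it becomes a firewall rule.
    param([Parameter(Mandatory)][string]$Cidr)
    $addr, $len = $Cidr -split '/', 2
    if ($addr -notmatch '^(\d{1,3}\.){3}\d{1,3}$') { return $false }
    if ($len -notmatch '^\d{1,2}$' -or [int]$len -gt 32) { return $false }
    $ip = $null
    if (-not [System.Net.IPAddress]::TryParse($addr, [ref]$ip)) { return $false }
    [long]$value = 0
    foreach ($b in $ip.GetAddressBytes()) { $value = $value * 256 + $b }
    [long]$hostMask = [math]::Pow(2, 32 - [int]$len) - 1
    return (($value -band $hostMask) -eq 0)
}

function Add-OutboundCidrBlock {
    # Creates one enabled outbound block rule for the range; refuses duplicates.
    param([Parameter(Mandatory)][string]$Name,
          [Parameter(Mandatory)][string]$Cidr)
    if (-not (Test-Ipv4Network $Cidr)) { throw "Not an IPv4 network in CIDR form: $Cidr" }
    if (Get-NetFirewallRule -DisplayName $Name -ErrorAction SilentlyContinue) {
        throw "A firewall rule named '$Name' already exists."
    }
    New-NetFirewallRule -DisplayName $Name -Direction Outbound -Action Block `
        -Protocol Any -RemoteAddress $Cidr
}

function Suspend-CidrBlock {
    # Disables the rule, waits, then re-enables it. The finally block also
    # runs when the wait is interrupted with Ctrl+C.
    param([Parameter(Mandatory)][string]$Name,
          [int]$Minutes = 5)
    Disable-NetFirewallRule -DisplayName $Name
    try     { Start-Sleep -Seconds ($Minutes * 60) }
    finally { Enable-NetFirewallRule -DisplayName $Name }
}

# Usage, with the range from the post (18.196.0.0 through 18.197.255.255):
Add-OutboundCidrBlock -Name 'MYBLOCK' -Cidr '18.196.0.0/15'
Suspend-CidrBlock -Name 'MYBLOCK' -Minutes 5
```

If the PowerShell window is closed during the wait, the rule stays disabled until it is re-enabled by hand, so check its state afterwards with `Get-NetFirewallRule -DisplayName 'MYBLOCK'`.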