From: Robert G. <ro...@ga...> - 2018-01-07 14:06:24
I have a REXX program that runs on a timer, scanning my web server logs and looking for evidence of people trying to 'brute force' guess passwords. It happens a lot. Without getting too far into the details, when something is detected the program runs a Windows PowerShell command to add a block for the offending IP range into the Windows group policy object that controls my Windows firewall. The line of code that runs the command looks like this:

    /* Update the applicable GPO */
    _CMD = "powershell.exe",
           "New-NetFirewallRule",
           "-DisplayName "_NEWIP,
           "-Direction Inbound",
           "-Profile Any",
           "-Action Block",
           "-InterfaceType Any",
           "-RemoteAddress "WORD(PARMS.IP,1)"-"WORD(PARMS.IP,2),
           "-PolicyStore ...mydomain...\...firewall policy GPO name...";
    _CMD;

When the code runs, it gets this response:

    New-NetFirewallRule : A directory service error has occurred.
    At line:1 char:1
    + New-NetFirewallRule -DisplayName 043.241.140.000 -Direction Inbound - ...
    + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        + CategoryInfo          : NotSpecified: (MSFT_NetFirewallRule:root/standardcimv2/MSFT_NetFirewallRule) [New-NetFirewallRule], CimException
        + FullyQualifiedErrorId : Windows System Error 8341,New-NetFirewallRule

    powershell.exe New-NetFirewallRule -DisplayName ...new rule name... -Direction Inbound -Profile Any -Action Block -InterfaceType Any -RemoteAddress ...IP address range... -PolicyStore ...mydomain...\...firewall policy GP name...
    New-NetFirewallRule : The requested object could not be found.

What I don't understand about the situation is that I can cut the command from the code, paste it into a command window with no changes, and it works perfectly. So I must be missing something here - I just don't yet know what. I'm hoping someone here can shed some light.

Thanks,
Robert
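The flow described in the post above (count failed logins per source range, then add a block rule to a GPO policy store), sketched as an added example that is not part of the original post or the poster's program. The log format, the /24 grouping, the threshold and the function name Get-BlockCandidate are assumptions; the sample lines are constructed and the policy store is a placeholder.

```powershell
# Constructed sample log lines (assumed format: client IP, HTTP status, path)
$logLines = @(
    '203.0.113.17 401 /login', '203.0.113.17 401 /login',
    '203.0.113.52 401 /login', '203.0.113.52 401 /login',
    '203.0.113.9 401 /login',  '198.51.100.7 401 /login',
    '198.51.100.7 200 /index.html', '999.1.1.1 401 /login'
)
$threshold   = 5                                # assumed: failed logins per /24 before blocking
$policyStore = '<domain>\<firewall GPO name>'   # placeholder; replace before running

# Hypothetical helper: returns one object per /24 that reached the threshold.
function Get-BlockCandidate {
    param([string[]]$Lines, [int]$Threshold)
    $Lines | ForEach-Object {
        $ip, $status, $null = $_ -split '\s+'
        # Count only failed logins from well-formed dotted-quad addresses, so
        # nothing unvalidated from the log ever reaches the firewall cmdlet.
        if ($status -eq '401' -and $ip -match '^(\d{1,3}\.){3}\d{1,3}$') {
            $o = [int[]]($ip -split '\.')
            if (-not ($o -gt 255)) { '{0}.{1}.{2}' -f $o[0], $o[1], $o[2] }
        }
    } | Group-Object | Where-Object Count -ge $Threshold | ForEach-Object {
        $o = [int[]]($_.Name -split '\.')
        [pscustomobject]@{
            # Zero-padded name in the style of the rule name shown in the post
            DisplayName   = '{0:D3}.{1:D3}.{2:D3}.000' -f $o[0], $o[1], $o[2]
            RemoteAddress = '{0}.0-{0}.255' -f $_.Name
            Failures      = $_.Count
        }
    }
}

foreach ($c in Get-BlockCandidate -Lines $logLines -Threshold $threshold) {
    # Skip ranges that already have a rule so repeated timer runs do not pile up duplicates
    if (Get-NetFirewallRule -DisplayName $c.DisplayName -PolicyStore $policyStore `
            -ErrorAction SilentlyContinue) { continue }
    $rule = @{
        DisplayName   = $c.DisplayName
        Direction     = 'Inbound'
        Profile       = 'Any'
        Action        = 'Block'
        InterfaceType = 'Any'
        RemoteAddress = $c.RemoteAddress
        PolicyStore   = $policyStore
    }
    New-NetFirewallRule @rule -WhatIf   # preview only; remove -WhatIf to create the rule
}
```

Passing the parameters as a hashtable keeps log-derived values out of a concatenated command string, and the octet check rejects malformed entries such as the constructed `999.1.1.1` line before a rule is built.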