Blocking IP Subnets

dilse
Posts: 39
Joined: August 12th, 2014, 8:09 am

Blocking IP Subnets

Post by dilse » November 10th, 2019, 3:20 pm

I’m currently using a single rule to DROP groups of subnets (incoming). This is a pain to manage, as I need to add the name, subnet, mask, desc each time I need to add a new subnet in. Is there a better way to do this?

BeBiMa
Posts: 2842
Joined: July 30th, 2011, 12:55 pm
Location: Mannheim

Re: Blocking IP Subnets

Post by BeBiMa » November 10th, 2019, 4:56 pm

What kind of subnets do you want to block?
Incoming means red interface, I suppose.
The firewall drops all incoming traffic not belonging to a connection initiated from inside (green, blue).
Unitymedia Cable Internet ( 32MBit )

dilse
Posts: 39
Joined: August 12th, 2014, 8:09 am

Re: Blocking IP Subnets

Post by dilse » November 10th, 2019, 5:04 pm

Sorry, I should have added extra info.

I am hosting a number of servers, so I have allowed inbound (RED) for the world.
This of course opens up the servers to attackers. I can see a bunch of attempts daily, say around 5-8 unique addresses.

I had a look at firewall.local and the blocklist file, but couldn't get it working, so I ended up creating Groups of IPs and a block rule, which works great, but adding each subnet to block is a pain.
