
Blocking IP Subnets

Posted: November 10th, 2019, 3:20 pm
by dilse
I’m currently using a single rule to DROP groups of subnets (incoming). This is a pain to manage, as I need to add the name, subnet, mask, desc each time I need to add a new subnet in. Is there a better way to do this?

Re: Blocking IP Subnets

Posted: November 10th, 2019, 4:56 pm
by BeBiMa
What kind of subnets do you want to block?
Incoming means red interface, I suppose.
The firewall drops all incoming traffic not belonging to a connection initiated from inside (green, blue).

Re: Blocking IP Subnets

Posted: November 10th, 2019, 5:04 pm
by dilse
Sorry, I should have added extra info.

I am hosting a number of servers, so I have allowed inbound (RED) for the world.
This of course opens up the servers to attackers. I can see a bunch of attempts daily, say around 5-8 unique addresses.

I had a look at firewall.local and the blocklist file, but couldn't get it working, so I ended up creating Groups of IPs and a block rule, which works great, but adding each subnet to block is a pain.