How to block a large IP range?



  • I want to block a large range, say 74.125.0.0 through 74.125.255.255  How do I do this?  I tried making it an alias, but I got an error message "Range is too large to expand into individual host IP addresses (74.125.0.0-74.125.255.255) The maximum number of entries in an alias is 5000".

    Any ideas?

    Thanks.


  • LAYER 8 Global Moderator

    For your example why do you need to create an alias just use network either direct in the rule or via an alias

    74.125.0.0/16 or mask 255.255.0.0 is that netblock.


  • Banned

    @magmatic:

    I tried making it an alias, but I got an error message "Range is too large to expand into individual host IP addresses (74.125.0.0-74.125.255.255) The maximum number of entries in an alias is 5000".

    Which version? What type of alias? Just tested with 2.3.4 snapshot and IP network-type alias and it got translated to 74.125.0.0/16 perfectly fine without any error.


  • Rebel Alliance Developer Netgate

    If you use a host-type alias it tries to expand that into individual IP addresses.

    Have to use a Network type alias.


Log in to reply