Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Blocking IP ranges

    Scheduled Pinned Locked Moved Off-Topic & Non-Support Discussion
    4 Posts 3 Posters 1.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • OBXJeepGuyO
      OBXJeepGuy
      last edited by

      I have searched, and searched and can't seem to get an answer to this. When using IPv4 Custom_List in pfBlockerNG, can I enter a range of IP addresses as:
      103.79.140.0-103.79.143.255 in order to block the entire range?

      johnpozJ 1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator @OBXJeepGuy
        last edited by johnpoz

        @obxjeepguy said in Blocking IP ranges:

        103.79.140.0-103.79.143.255 in order to block the entire range?

        why would you not just use 103.79.140.0/22

        Which is 103.79.140.0 - 103.79.143.255

        If your just wanting to block IP ranges, you could just use the normal aliases. Pfblocker aliases are better at handling something that is dynamic and loaded. If you know for sure that is the range you want to block and its not going to change, just normal alias would be easier to setup

        If you just want to block that cidr, there really is no need to create an alias even, you could just block that cidr in your rule.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        OBXJeepGuyO 1 Reply Last reply Reply Quote 1
        • OBXJeepGuyO
          OBXJeepGuy @johnpoz
          last edited by

          @johnpoz I am somewhat new to this game. I only understand basics at this point. Plus, I am used to being able to block IP ranges in this fashion on SEP. pfSense is leaps, and bounds above anything I have ever dealt with. However, I am learning every day to be sure!

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            Yes you can enter a range like that in a pfBlocker and it will create it from CIDRs. For example:
            Screenshot from 2022-03-30 18-15-46.png

            Resulting in an alias table:
            Screenshot from 2022-03-30 18-16-10.png

            Steve

            1 Reply Last reply Reply Quote 2
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.