    Block lots of ip ranges

      xibalba last edited by

      Hello,
      I was wondering if there was an easy way to block large sets of IP ranges? I wanted to block all of APNIC from accessing any of the machines behind my network on port SSH. I found a few lists and was wondering if there was an easy way to implement this from them?

      http://www.completewhois.com/bogons/data/bogons-netrange-apnic_main.txt
      http://www.completewhois.com/bogons/data/bogons-cidr-apnic_main.txt
      http://www.completewhois.com/bogons/data/bogons-netmask-apnic_main.txt
      http://www.completewhois.com/bogons/data/bogons-dd-apnic_main.txt

      thanks

        rsw686 last edited by

        Did you ever think about setting the max connections per xx seconds in the advanced area on the firewall rule page? This is what I have done. Have mine set for 3 connections per 240 seconds. That way hackers only get 9 attempts (3 attempts for 3 connections) before they are blocked for 4 min. At this point they think they're banned and don't bother to try again.

          jeroen234 last edited by

          At Interfaces/WAN turn on

          Block bogon networks
          When set, this option blocks traffic from IP addresses that are reserved (but not RFC 1918) or not yet assigned by IANA.
          Bogons are prefixes that should never appear in the Internet routing table, and obviously should not appear as the source address in any packets you receive.

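For the original question about turning the published range lists into something a firewall can load, here is an added example (not from any poster in this thread) that merges entries into a minimal CIDR list suitable for a firewall alias or table. The line formats are assumptions based on the file names in the question: `start - end` for netrange, `a.b.c.d/len` for CIDR and `a.b.c.d/mask` for netmask; the sample data is constructed from documentation ranges, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample input (documentation ranges, not taken from the linked lists).
SAMPLE = """\
# comment lines and blanks are skipped
192.0.2.0 - 192.0.2.255
198.51.100.0/24
198.51.100.0/255.255.255.128
203.0.113.0 - 203.0.113.127
203.0.113.128/25
not-an-address
"""

def parse_entry(entry):
    """Return the IPv4 networks covered by one list entry."""
    if "-" in entry:  # assumed netrange form: "start - end"
        start, end = (ipaddress.IPv4Address(p.strip()) for p in entry.split("-", 1))
        return list(ipaddress.summarize_address_range(start, end))
    # CIDR ("a.b.c.d/24") and netmask ("a.b.c.d/255.255.255.0") forms
    return [ipaddress.IPv4Network(entry, strict=False)]

def build_blocklist(text):
    """Parse a mixed-format list; return (merged CIDR strings, rejected lines)."""
    nets, rejected = [], []
    for raw in text.splitlines():
        entry = raw.split("#", 1)[0].strip()
        if not entry:
            continue
        try:
            nets.extend(parse_entry(entry))
        except ValueError:
            rejected.append(raw)  # keep bad lines visible instead of dropping them
    # collapse_addresses removes overlaps and joins adjacent prefixes
    return [str(n) for n in ipaddress.collapse_addresses(nets)], rejected

def is_blocked(cidrs, address):
    """Check whether an address falls inside the merged list."""
    ip = ipaddress.ip_address(address)
    return any(ip in ipaddress.ip_network(c) for c in cidrs)

if __name__ == "__main__":
    cidrs, bad = build_blocklist(SAMPLE)
    print("\n".join(cidrs))
    for line in bad:
        print("skipped:", line)
```

Running `is_blocked` against the address you administer the firewall from, before importing the list, shows whether the new rule would lock you out of SSH.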