Help with firewall rules

BBucKK12 · January 8, 2013, 12:58pm

Hi - I’ve been getting poked alot from IP ranges in China. I would love to just block those entire ranges if possible. In the inbound firewall rules I see it allows denying “network” in Source IP & Port. I’m seeing ranges like 222.186.44.36, 222.186.30.92 etc… where the 222.186 are all the same. Is it possible to block everything from 222.186 and how do I do that? What do I set as the IP and the Mask?

Thanks
BBucKK12

Stanley_Chan · January 8, 2013, 3:20pm

Under the Source, you can choose Network instead of Single Address. Then under Mask: just select 255.255.0.0 (/16).

BBucKK12 · January 8, 2013, 9:00pm

thanks for the rely - I have done that but I still need to put an entire IP block under network - what do I put in to block all of 222.165.X.X? is it 222.165.1.0? Perhaps 222.165.0.0?

Thanks

Stanley_Chan · January 9, 2013, 9:38am

Please refer to the screenshot attached.

BBucKK12 · January 9, 2013, 10:01am

Excellent! Many thanks