Help with firewall rules

Hi - I’ve been getting poked alot from IP ranges in China. I would love to just block those entire ranges if possible. In the inbound firewall rules I see it allows denying “network” in Source IP & Port. I’m seeing ranges like, etc… where the 222.186 are all the same. Is it possible to block everything from 222.186 and how do I do that? What do I set as the IP and the Mask?


Under the Source, you can choose Network instead of Single Address. Then under Mask: just select (/16).

thanks for the rely - I have done that but I still need to put an entire IP block under network - what do I put in to block all of 222.165.X.X? is it Perhaps


Please refer to the screenshot attached.

Excellent! Many thanks