Help with firewall rules


#1

Hi - I’ve been getting poked alot from IP ranges in China. I would love to just block those entire ranges if possible. In the inbound firewall rules I see it allows denying “network” in Source IP & Port. I’m seeing ranges like 222.186.44.36, 222.186.30.92 etc… where the 222.186 are all the same. Is it possible to block everything from 222.186 and how do I do that? What do I set as the IP and the Mask?

Thanks
BBucKK12


#2

Under the Source, you can choose Network instead of Single Address. Then under Mask: just select 255.255.0.0 (/16).


#3

thanks for the rely - I have done that but I still need to put an entire IP block under network - what do I put in to block all of 222.165.X.X? is it 222.165.1.0? Perhaps 222.165.0.0?

Thanks


#4

Please refer to the screenshot attached.



#5

Excellent! Many thanks