Bulk ban ip ranges?

Hello all,

So I currently have various means of firewalls protecting my PBX. I have SonicWALL GEO-IP filter, SonicWALL nat settings and policies in place, running fail2ban and the freepbx firewall as well as APIBAN running.

I have had great success with Freepbx firewalls, SonicWALL, and APIBAN all running together. However, I am noticing attacks coming from a specific range of IP address.

Example aaa.bbb.ccc.ddd where aaa.bbb remains the same and ccc and ddd change.

I would like to block ip address starting with aaa.bbb. Is there a way to bulk handle this in freepbx?

If you’re using the FreePBX Firewall module, you can add AAA.BBB.0.0/16 to the firewall blacklist.

1 Like

https://wiki.freepbx.org/display/FPG/Firewall+Blacklist

Thank you both so much! Perfect, just what I was looking for!

Be careful with how many broad /8 /16 ranges you block. If it’s a truly large number, you will bring the system crashing to its knees if you ever try to blacklist a large portion of available addresses.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.