So I currently have various means of firewalls protecting my PBX. I have SonicWALL GEO-IP filter, SonicWALL nat settings and policies in place, running fail2ban and the freepbx firewall as well as APIBAN running.
I have had great success with Freepbx firewalls, SonicWALL, and APIBAN all running together. However, I am noticing attacks coming from a specific range of IP address.
Example aaa.bbb.ccc.ddd where aaa.bbb remains the same and ccc and ddd change.
I would like to block ip address starting with aaa.bbb. Is there a way to bulk handle this in freepbx?
Be careful with how many broad /8 /16 ranges you block. If it’s a truly large number, you will bring the system crashing to its knees if you ever try to blacklist a large portion of available addresses.