Text only | Text with Images

OPNsense Forum

Archive => 23.1 Legacy Series => Topic started by: RobLatour on February 20, 2023, 06:35:09 PM

Title: blocking a range of external ip addresses
Post by: RobLatour on February 20, 2023, 06:35:09 PM
I am currently using an alias to block specific external ip v4 addresses; which is great.

However, I would like to be able to all external IP v4 addresses from a specific range of IP addresses.

For example x.y.*.*  (where x and y are specific numbers that I enter, and the * can be anything from 0 to 255)

What is the best approach for this?

Title: Re: blocking a range of external ip addresses
Post by: SFC on February 20, 2023, 07:41:50 PM
You would create an alias with a type of network, and then put in the appropriate subnet and subnetmask.

If you wanted X.X.*.* - it would be 192.168.0.0/16
X.X.X.* would be 192.168.1.0/24

https://www.freecodecamp.org/news/subnet-cheat-sheet-24-subnet-mask-30-26-27-29-and-other-ip-address-cidr-network-references/
Title: Re: blocking a range of external ip addresses
Post by: RobLatour on February 20, 2023, 10:25:43 PM
Perfect, that works really well.  Thank you.
Text only | Text with Images