blocking countries using control panel firewall

[posse]

I wanted to find out if theres a way to block whole country ip ranges using the firewall provided by NFO. for example if i wanted to block ip ranges like these:

46.16.104.0/21
46.17.120.0/21
46.17.144.0/21

how would i go about doing that?

[kraze]

You would just need to do basic subnet banning. What you have there will work but for our firewall you can just enter

46.16.104.*
46.17.120.*
46.17.144.*

It looks like you are trying to ban users in Serbia so adding what I listed above should do it.

You will want to be very careful with subnet banning as you can easily ban entire countries from connecting to your server.

[posse]

Yup I'm aware of that, thanks for the help. I was just not sure what format to enter the IP's in. =)

[Edge100x]

The tool doesn't support CIDR notation right now, so you'll need to use *'s at present.

If you have an unmanaged VDS, you can also block these through the firewall inside the VDS.

[posse]

Yea I used to run a simple script that would block it with iptables, but for some reason on gentoo iptables is not working. keeps giving me an error at startup. tried to remove it and emerge again but it wont compile now. so was trying to do it through the CP firewall.

[posse]

heres all the ip's i want to block, but it keeps giving me a ip specification invalid. im sure im overlooking something.

Code: Select all

46.16.104.*
46.17.120.*
46.17.144.*
46.40.*.*
62.108.96.*
62.193.128.*
62.240.*.*
64.64.2.179
69.36.44.240
69.64.55.*
69.90.18.88
77.46.128.*
77.74.248.*
77.105.*.*
77.243.16.*
77.247.200.*
77.247.248.*
78.24.104.*
78.30.128.*
78.109.96.*
79.101.*.*
79.175.64.*
80.70.240.*
80.74.160.*
80.80.162.40
80.80.163.136
80.80.165.180
80.80.165.192
80.80.173.84
80.85.27.184
80.93.224.*
80.190.209.148
80.240.144.*
81.17.230.*
81.18.48.*
81.92.241.104
82.114.68.*
82.114.76.*
82.114.76.128
82.114.76.16*
82.114.76.184
82.114.80.184
82.114.81.56
82.114.81.12*
82.114.81.136
82.114.81.152
82.114.85.152
82.114.87.152
82.114.88.152
82.114.88.216
82.114.88.248
82.114.90.*
82.114.93.*
82.114.95.192
82.117.192.*
82.131.209.*
82.208.192.*
82.214.126.*
83.136.176.*
84.22.32.*
85.118.185.*
85.222.128.*
87.116.128.*
87.237.200.*
87.238.208.*
87.250.32.*
88.150.128.*
88.210.152.48
89.23.64.*
89.110.192.*
89.216.*.*
91.83.132.*
91.102.168.*
91.102.224.*
91.103.8.*
91.143.208.*
91.148.64.*
91.150.64.*
91.185.96.*
91.187.96.*
91.187.97.*
91.187.104.*
91.187.128.*
91.193.24.*
91.194.82.*
91.194.216.*
91.195.38.*
91.195.176.*
91.199.17.*
91.201.136.*
91.207.62.*
91.208.89.*
91.212.15.*
91.212.69.*
91.212.132.*
91.216.48.*
91.217.14.*
91.218.172.*
92.42.248.*
92.42.250.4
92.42.254.4
92.42.255.4
92.42.255.132
92.42.255.196
92.42.255.228
92.42.255.244
92.42.255.252
92.48.*.*
92.60.224.*
92.244.128.*
93.86.*.*
93.92.248.*
93.93.192.*
93.184.80.*
93.186.64.*
93.186.72.*
93.186.76.*
93.187.240.*
93.188.64.*
93.190.145.*
93.190.160.*
94.100.48.*
94.127.*.*
94.189.128.*
94.228.224.*
94.229.112.*
94.230.176.*
94.247.200.*
95.85.128.*
95.140.112.*
95.168.64.*
95.180.*.*
109.71.152.*
109.72.48.*
109.92.*.*
109.94.96.*
109.94.224.*
109.106.224.*
109.109.192.*
109.111.224.*
109.121.*.*
109.122.64.*
109.198.*.*
109.206.96.*
109.207.32.*
109.233.184.*
109.235.96.*
109.245.*.*
147.91.*.*
160.99.*.*
178.17.16.*
178.20.160.*
178.20.200.*
178.22.216.*
178.79.*.*
178.148.*.*
178.175.*.*
178.212.88.*
178.216.200.*
178.217.8.*
178.218.192.*
178.219.*.*
178.220.*.*
178.237.208.*
178.250.136.*
178.253.192.*
178.254.128.*
188.2.*.*
188.93.120.*
188.95.176.*
188.120.96.*
188.246.32.*
193.30.248.*
193.34.64.*
193.34.142.*
193.104.68.*
193.105.163.*
193.107.4.*
193.203.2.*
193.203.6.*
193.203.18.*
193.203.22.*
193.203.24.*
193.203.26.*
193.203.28.*
193.243.168.*
194.24.248.*
194.28.128.*
194.54.180.*
194.79.40.*
194.106.160.*
194.110.216.*
194.145.153.*
194.194.158.*
194.194.158.128
194.247.192.*
194.247.208.*
194.247.212.*
194.247.214.*
194.247.215.128
194.247.219.128
194.247.221.128
194.247.222.128
194.247.223.*
194.247.223.68
194.247.223.196
194.247.223.228
194.247.223.244
194.247.223.252
195.46.52.*
195.64.170.*
195.66.164.*
195.66.168.*
195.66.171.16
195.66.172.*
195.66.181.96
195.66.182.64
195.66.182.*
195.66.182.208
195.66.183.128
195.66.183.160
195.66.184.16
195.66.184.48
195.66.184.96
195.66.184.120
195.66.185.*
195.66.185.*
195.66.185.160
195.66.185.224
195.66.186.128
195.66.186.176
195.88.12.*
195.88.216.*
195.170.183.*
195.178.32.*
195.182.214.*
195.222.96.*
195.242.76.*
195.250.96.*
195.252.64.*
195.252.96.*
195.252.112.*
195.252.116.*
195.252.118.*
195.252.118.128
195.252.118.152
195.252.126.152
195.252.127.152
195.252.127.216
195.252.127.248
206.214.220.151
212.57.40.*
212.62.32.*
212.69.*.*
212.102.128.*
212.124.160.*
212.178.224.*
212.200.*.*
213.133.8.*
213.137.96.*
213.149.102.32
213.149.102.48
213.149.102.160
213.149.119.*
213.163.96.*
213.184.96.*
213.198.192.*
213.240.*.*
213.244.192.*
213.253.111.*
213.253.116.*
213.253.117.64
213.253.117.96
213.253.117.120
213.253.117.176
213.253.117.192
213.253.117.208
213.253.118.*
213.253.118.32
213.253.118.96
213.253.118.192
213.253.119.192
213.253.120.*
213.253.121.*
213.253.123.*
216.14.121.161
216.14.121.163
216.38.51.228
216.236.216.*
217.16.128.*
217.17.96.*
217.24.16.*
217.26.64.*
217.26.208.*
217.26.212.*
217.65.192.*
217.119.240.*
217.169.208.*
217.194.133.224

[posse]

ok figured it out.

[kraze]

ok figured it out.

What was the problem?

[posse]

not too sure to be honest, i think it was just the formating that was wrong. i got a range list from anoter place and then added the wildcards again and tried and it worked.

[soja]

To block the IPs in your original post, you would need to go a bit farther.

Because the IP's are /21, if you really wanted to block all hosts from there, you would need to block:

46.16.104.1 to 46.16.111.254

46.17.120.1 to 46.17.127.254

and 46.17.144.1 to 46.17.151.254


Not sure if this is easy to implement via the control panel, but I just thought I'd give you the correct IPs to block