Can anyone guide me on how to ban a ip class /range i get quite a big number of attempts from 4 clases of ip’s and was wondering if i can just ban the subnet directly.
Can anyone help with this, i was checking this but not sure so don’t want to brake something.
Maybe you can start from the Web UI: Server > Firewall > Add rule. You can input many different IP addresses in CIDR format.
You can try using a CIDR calculator https://www.ipaddressguide.com/cidr As for which ports to block, 0-65535 would be an option if you want to completely block hosts. Hope this helps.
if you know, what you are doing, something like this will do it:
iptables -I INPUT -s 126.96.36.199/24 -j DROP
of course you want to be careful about the correct subnet mask and so on. things you do on command line directly like this will also not show up in the GUI, maybe rather stick to @Felix solution
by the way, if it’s brutforce attempts to standard ssh port … get used to it, that totally normal. sometimes changing the port helps for a while. other than that look into implementing some blocklists f.i. via ipset, which in general are more helpful and efficient to block different type of bruteforce attacks or even spam.