Ban IP subnet / range on fail2ban

Can anyone guide me on how to ban an IP class / range? I get quite a big number of attempts from 4 classes of IPs and was wondering if I can just ban the subnet directly.

Can anyone help with this? I was checking this but am not sure, so I don’t want to break something.

https://sven.rojek.de/posts/fail2ban-iprange-mit-blackliste-blocken

Thanks,
George

Maybe you can start from the Web UI: Server > Firewall > Add rule. You can input many different IP addresses in CIDR format.

You can try using a CIDR calculator (https://www.ipaddressguide.com/cidr). As for which ports to block, 0-65535 would be an option if you want to completely block hosts. Hope this helps.

1 Like

If you know what you are doing, something like this will do it:

iptables -I INPUT -s 123.45.67.0/24 -j DROP

Of course you want to be careful about the correct subnet mask and so on. Things you do on the command line directly like this will also not show up in the GUI, so maybe rather stick to @Felix's solution :wink:

By the way, if it’s brute-force attempts to the standard ssh port … get used to it, that's totally normal. Sometimes changing the port helps for a while. Other than that, look into implementing some blocklists, for instance via ipset, which in general are more helpful and efficient to block different types of brute-force attacks or even spam.

1 Like
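The ipset approach mentioned in the last reply, as an added example that is not part of the original thread or any poster's code: it groups offending source IPs by /24, keeps only subnets with several distinct hosts, and prints the `ipset`/`iptables` commands for review instead of applying them. The set name `blocklist`, the threshold, the fixed /24 grouping and the sample addresses are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example: group failed-login source IPs by /24 and print ipset commands
# for review. Nothing is applied to the firewall by this script.

SET_NAME="blocklist"   # hypothetical set name
MIN_HOSTS=3            # assumed threshold: distinct offending hosts per /24

# Constructed sample input: one source IP per failed attempt (documentation ranges),
# including a repeat, an out-of-range octet and a junk line.
sample_ips() {
cat <<'EOF'
203.0.113.5
203.0.113.9
203.0.113.77
203.0.113.5
198.51.100.20
198.51.100.20
192.0.2.300
not-an-ip
EOF
}

# Read IPs on stdin; print each /24 with at least $1 distinct valid hosts.
noisy_subnets() {
  awk -F. -v min="$1" '
    # accept only four dotted decimal octets, each in 0-255
    NF == 4 && $0 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ &&
    $1 <= 255 && $2 <= 255 && $3 <= 255 && $4 <= 255 {
      if (!seen[$0]++) hosts[$1 "." $2 "." $3 ".0/24"]++
    }
    END { for (n in hosts) if (hosts[n] >= min) print n }
  ' | sort
}

# Turn subnets on stdin into the commands an admin would review and run as root.
# The final iptables rule only needs to be inserted once per set.
emit_rules() {
  echo "ipset create $SET_NAME hash:net -exist"
  while read -r net; do
    echo "ipset add $SET_NAME $net -exist"
  done
  echo "iptables -I INPUT -m set --match-set $SET_NAME src -j DROP"
}

sample_ips | noisy_subnets "$MIN_HOSTS" | emit_rules
```

A single busy host (like the 198.51.100.20 line above) does not trigger a subnet ban here; that case is what fail2ban's per-IP bans already cover.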