Blocking traffic by subnet range

Ref: https://serverfault.com/questions/592061/block-range-of-ip-addresses/592063 Ref:https://www.linuxbabe.com/mail-server/block-email-spam-postfix Blocking an entire range Sometimes, it just becomes necessity to deny all traffic from an entire range. Before doing this, it is probably advisable to determine what/who owns the range of addresses. https://whois.arin.net/ is a good place to do a lookup on the owner. use the search at the top of the page to enter an IP from that range. This will display some information such as the range of addresses that is owned. Network Net Range (your range).0.0.0 - (yourrange).255.255.255 CIDR (yourrange).0.0.0/8 The CIDR in this example was the entire range of the class A. Since I do not wish to receive anything from this range (located somewhere in Amesterdam), I therefore block the entire gammit using that CIDR. sudo iptables -A INPUT -s (yourrange).0.0.0/8 -j DROP You can see what you have blocked by using: sudo iptables -L