Blocking of outgoing IP ranges

CJRCJR Member, Beta Tester Posts: 3
First Comment Photogenic
Hi Fing,
Is it possible to let FingBox deny packages addressed to IP addresses within specific IP ranges?
I'd like to be able to select IP ranges to be blocked; as an example I'd like to ensure that my IoT equipment doesn't contact Russia, Africa etc.

Best Answer

Answers

  • MarcMarc Moderator, Beta Tester Posts: 1,627
    100 Answers 1000 Comments 500 Likes 100 Awesomes
    ✭✭✭✭✭✭
    Hi @CJR , that's more of a function for your router and or firewall.  Fingbox tends to specialize more on the ability to deny or allow hosts onto your network, along with looking out for certain external threats which it can identify or block.

     There are probably lots of people on these forums who could direct you to software or hardware solutions for what you are looking for.  @rooted
    @kltaylor @Pixelpopper etc...  Any thoughts here?
    Thats Daphnee, she's a good dog...
    PixelpopperCiaranCJR
  • rootedrooted Gulf Coast, USModerator Posts: 751
    500 Comments 50 Answers 100 Likes 25 Agrees
    ✭✭✭✭

    That's a job for iptables, few standard routers will allow this type of filtering but any router running DD-WRT, LEDE, or OpenWRT will allow you to use iptables.

    CJR
  • PixelpopperPixelpopper Moderator Posts: 130
    100 Comments 25 Likes First Anniversary Member of the Month
    ✭✭✭
    edited January 24
    Many standard, ISP supplied routers, are capable of blocking websites via the Parental Control functionality (This often includes additional customisable security options). Some ISPs spread these options between the router & web based accounts (BT use combined method for their U.K. customers) but check with your ISP for further details. Of course to block an entire nation’s websites will probably require some significant investment in time & cash. To restrict the scale of these investments you might consider monitoring which websites are being accessed from your network and then block those sites (not all Russian sites, for example, are attempting to defraud everyone).
    If the last sentence is of interest then the following link may be of interest.
    rootedCJR
  • CJRCJR Member, Beta Tester Posts: 3
    First Comment Photogenic
    Thanks for your answers! I agree that this might be out of scope for FingBox, although it might be fairly easy to block from there. Thanks for the DDOS link, seems that I should really dig into doing this from a router :-)
  • CiaranCiaran Administrator Posts: 873
    500 Comments 100 Awesomes 25 Answers 100 Likes
    admin
    @CJR thank you for this question. @rooted , @Marc , @Pixelpopper really great input and advise offered here. @CJR , can you mark which ever response you found most useful as 'answered question' (that way it will help other users who experience a similar issue get to the answer quickly, and also give the responder kudos :smile:   )


    Ciaran (Admin at Fing)
    Getting Started? Please refer to Community guidelines & Community User Guides("Helping Hand"). HAPPY POSTING!!!
    CJR
  • CJRCJR Member, Beta Tester Posts: 3
    First Comment Photogenic
    Done; although selecting only one isn't totally fair ;-)
    I'll check up on EdgeRouter X, which can do this :-) 

    Marc
Sign In or Register to comment.