Blocked IPs

From Kolmisoft Wiki
Jump to navigationJump to search

Blocked IPs can be used from Admin account and from Accountant account with Monitoring permissions enabled. From Admin account, go to Security -> Blocked IPs to manage blocked IPs. An IP can be blocked by entering valid input values and by clicking the Block icon. The to-be-blocked IP must not be local or a current server IP. By clicking on the Unblock icon an IP is unblocked. All the blocking/unblocking changes will be active in one minute after they have been applied. Country information (flag) can take up to one hour to appear.

Mor blocked ips list.png

When IP is blocked manually reason says: MOR-BLOCKED-IP-FROM-GUI. When IP is blocked automatically by MOR reason says: fail2ban-AST_CLI_Attack. Below you see example how it looks in GUI:

Blocekd IPs example.png

Explanation of the values given in the Reason column can be found here. Reason "INPUT" means that IP was blocked manually by using these instructions: How to block someone's IP

Reasons why IP was not blocked:

IP is incorrect or blank
IP is already blocked for this server
Cannot block server IP
IP address is private
IP address is local

You can search blocked IP. Possible search by a single IP or for the range using wildcard % like in the example.

Blocked ips search mor.png

Blocked IP format

It is possible to block IPs in such format:

  • Single IP, for example, 2.2.2.2
  • Subnet in CIDR notation, for example, 2.2.2.0/24. Please note that CIDR notation will be converted into the canonical format automatically. For example, if you enter 2.2.2.1/24, it will be converted to 2.2.2.0/24. This is because 2.2.2.0/24 denotes the range 2.2.2.1 - 2.2.2.254, so any subnet from 2.2.2.1/24 to 2.2.2.254/24 means exactly the same range, and a canonical way to represent this is range is with 2.2.2.0/24
  • IP range in format x.x.x-xx, for example 2.2.2.1-125. Please note that all IPs in the range will be blocked as separate IPs, so entering 2.2.2.1-125 would create 125 single IP entries. For this reason, we strongly recommend using subnets if possible.

See Also