How to Setup an IP Range in Firewall?

I’m unable to allow the following IP Ranges +

I also tried on guessing (ip.src in {}) but no luck!

Any suggestions pls?


I am afraid you cannot specify an IP range with "-" symbol (meaning like “from-to”).
Rather, should be using subnet (by CIDR notation) using /16, /19, /24, etc. blocks per need.

You can use your List items:

Add two of them to your new list:

Furthermore, so you would then in Firewall rule have like:

(ip.src in $my_list)

To allow IPs from to


CIDR IP Range -

To allow IPs from to


CIDR IP Range -

Or by adding each one IP address (having multiple OR/AND clauses in a Firewall rule).

Or directly in firewall rule like:

(ip src in {}) -> allow

You can either allow/block IP addresses using IP Access Rules which execute before Firewall rules (order priority):

1 Like

Thanks so much, Fritexvz, for the excellent and prompt support. My head is spinning :smile:

Unfortunately, though, I only managed to use and without using ip.src in {}, but the ranges appear as follows:

Is this normal?

There’s no issue doing them one by one.

Thanks again

1 Like

I suppose that would allow or block much more IP addresses than you need:
256 IP addresses for 1st
65,536 IP addresses for 2nd

Range: -

Range: -

Or maybe, I am wrong, maybe Cloudflare allows us to use only /24 and/or /16 in that case, while I wrote /29 and /28 blocks from your input as for starting IP address.

Hmmm, well, I’ll let run for sometime and if there’s any side effect I’ll have to do it one by one I guess!

Thanks ever so much and have a nice day/night

1 Like

Or kindly and patiently wait for another reply from someone else who might now the better answer to it and help you out :wink:

I honestly don’t understand why we use 16, 24, etc but I guess they limit the range, right?

So if the range is open between 0 and 255 this is way beyond what I should allow which is dangerous, am I right?

If so, then how do I limit it to the specific numbers without doing it one by one?

I tried myself, the IP Access Rules only allows us to use /16 and /24 CIDR blocks - which in conclusion, if you use: with action allow - it would allow 256 IPs in total
as for (256 IPs allowed)

While for Firewall Rules I tested and I can use:

From above, I tested and having a Firewall rule like:

(ip.src in {}) -> Action: Allow

The above should allow your IP addresses (2-3 more than you wanted in your original post due to CIDR notation - replied with all the list which would be allowed) to connect.

After applying the changes, wait for 5-7 minutes and try it that would work

Thanks mate for all your efforts. You did a great job.
I did it one by one and now it seems working fine.

Have a nice day

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.