I do this with a Mikrotik router. My IP block list currently has 21,350 entries. Some are individual host IP's, some are large IP address blocks. I have scripts that update the lists every morning. The Mikrotik is my WAN router and Sophos XG is in in bridge mode directly after it. pfSense with the pfBlockerNG package does IP block lists extraordinarily well. Very easy to set up and does de-duplication when pulling IP block lists from multiple sources.
↧