To restrict access via iptables the entire subnet

Good evening, faced with the problem of DDoS on one of my projects.

Desat the whole subnet, and block each IP range separately too long, time is running out.

Actually a question — how ograniciti access to my project from a whole subnet using iptables?
October 8th 19 at 00:40
2 answers
October 8th 19 at 00:42
iptables-I INPUT-m iprange --src-range -j DROP
Thank you very much, I think I did :) - brenda_Dickens commented on October 8th 19 at 00:45
Please :) - dwight.Marquar commented on October 8th 19 at 00:48
Or so:
-A INPUT-j Firewall
-A Firewall-m state --state RELATED,ESTABLISHED -j ACCEPT
-A Firewall-s -p tcp -m state --state NEW-m tcp -j DROP - Ila.Mayert commented on October 8th 19 at 00:51
October 8th 19 at 00:44
I would have looked in the direction of ipset if it is necessary to block multiple subnets

Find more questions by tags LinuxIptables