Blocking IP CIDR
Hopefully you technical gurus can answer this one for me...?
I have been using this site: https://bgp.he.net/ to lookup CIDR of IPs Fail2Ban has blocked and inturn block the entire CIDR.
When it lists, for example:
AS35104 IRR Parent Valid ROA Signed and Valid
188.8.131.52/23 "Kaztranscom" JSC
AS35104 IRR Valid ROA Signed and Valid
184.108.40.206/24 "Kaztranscom" JSC
Would I block BOTH 220.127.116.11/23 AND 18.104.22.168/24, or would 22.214.171.124/23 be sufficient because 126.96.36.199/24 is still inside the subnet of the other?
But then why would it list both? Is it because the IP is still within both subnets?
Thanks for the clarification!