IP address black hole on a unifi USG router
Recently I have had someone trying to brute force a login onto my NAS box here and they were constantly using the same IP address. So I decided to research how to stop a specific IP address from connecting to my network from the internet. I have a USG Pro4 router which is an excellent device if you are prepared to put in the time to learn the intricacies of how it works.
To black hole an address
Navigate to Settings/Routing & Firewall and click on create a new rule
Use the settings below. Note that you will need to "CREATE IPV4 ADDRESS GROUP". I called mine "Black hole" to make it obvious what it is for.
Once this is done click Save. What this does is drop all incoming packets from any IP address defined in the "Black hole" group.
To black hole an IP address simply navigate to Settings/Routing & Firewall/Groups and select Edit
Add the IP address and click Save. That IP address will no longer be able to connect to your network. my list is below