Block TOR exit nodes inbound to a rule?
We have a public facing server that is being being hammered from TOR exit nodes. I'd like to block these IP's inbound to this rule. As a last resort, I can add the exit IP list to the Default Threat Protection blocked sites list, but I'd prefer to just limit it to this one rule. Talking to a colleague, he had said that his firewall systems include TOR in his geo blocking rules which would make it easy, but alas, it appears Watchguard does not have this ability.
Any suggestions on short of adding hundreds of IP's and networks to the blocked sites list?