This thread looks good.
Freyder seems to have a really good solution and it should be easy to implement.
In freyder's example he pulls two lists from spamhaus and when combined they block 920 networks. This list should load in a few seconds so refreshing the list should be cheap.
As well, we could add the emerging threats list from here for another 1547 IP/Subnets.
I would expect this to all work well with the existing edgerouter which for the price will beat any bigger named gear, just compare processor, memory and other specs.
extremely technical info performed by WilkinsConsulting@hotmail.com