
RV320 firewall rule not working on all ports

dennisgrube
Level 1

We have configured firewall rules to block "All Traffic (UDP and TCP)" from specific IP address ranges.  These rules are not blocking incoming connections to ports 500 and 4500 for these address ranges.  How do we block these ports when they should already be blocked by the "All Traffic" rule?

5 Replies

balaji.bandi
Hall of Fame

Without seeing your rule base, we cannot assume why it was not blocked.

You need to provide the rule base and the order the rules are in.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

How do I export or provide the rule base?

If I set up this rule and place it at priority 1, then how is any connection accepted from this IP range?

DENY

All connections (TCP and UDP) range 1-65535

Source Interface: ANY

Source - Range - 222.184.0.0 ~ 222.191.255.255

Destination IP: ANY

Scheduling: Always

 

In the logs you will later see, for example, several BLOCKed connections from addresses in this range at various destination ports, but will consistently see ALLOW connections to ports 500 (UDP) and 4500 (UDP) from addresses in this source range (such as 222.184.115.203)
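A quick way to confirm what the post above describes (ALLOW entries for UDP/500 and UDP/4500 from inside a range that a priority-1 deny rule should cover) is to run the exported log through a small checker. The script below is an added example, not code from the thread or from Cisco: it converts the 222.184.0.0 ~ 222.191.255.255 range into CIDR form, parses a few constructed log lines in an assumed "ACTION PROTO src:port -> dst:port" layout (the RV320's real syslog format is not shown on the page, so adjust the regex to match your export), and reports every ALLOW whose source falls inside the deny range, grouped by destination port. Any hit means something ahead of, or outside, the rule base is admitting that traffic.

```python
import ipaddress
import re
from collections import Counter

# Deny rule from the post: source range 222.184.0.0 ~ 222.191.255.255, all TCP/UDP ports.
DENY_START = ipaddress.ip_address("222.184.0.0")
DENY_END = ipaddress.ip_address("222.191.255.255")


def range_to_cidrs(start, end):
    """Collapse a start~end range into the CIDR blocks most firewalls expect."""
    return [str(net) for net in ipaddress.summarize_address_range(
        ipaddress.ip_address(start), ipaddress.ip_address(end))]


# Constructed sample log lines in an ASSUMED layout (not the RV320's real syslog format):
#   <action> <proto> <src_ip>:<src_port> -> <dst_ip>:<dst_port>
SAMPLE_LOG = """\
BLOCK TCP 222.184.115.203:51234 -> 203.0.113.10:23
BLOCK TCP 222.184.115.203:51235 -> 203.0.113.10:3389
ALLOW UDP 222.184.115.203:500 -> 203.0.113.10:500
ALLOW UDP 222.184.115.203:4500 -> 203.0.113.10:4500
BLOCK UDP 222.190.1.7:40000 -> 203.0.113.10:161
ALLOW TCP 198.51.100.5:44321 -> 203.0.113.10:443
ALLOW UDP 222.185.9.9:500 -> 203.0.113.10:500
"""

LINE_RE = re.compile(
    r"^(?P<action>ALLOW|BLOCK)\s+(?P<proto>TCP|UDP)\s+"
    r"(?P<src>[\d.]+):(?P<sport>\d+)\s+->\s+(?P<dst>[\d.]+):(?P<dport>\d+)$"
)


def parse_log(text):
    """Parse connection events; lines that do not match the assumed layout are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ev = m.groupdict()
        ev["sport"] = int(ev["sport"])
        ev["dport"] = int(ev["dport"])
        events.append(ev)
    return events


def in_deny_range(ip, start=DENY_START, end=DENY_END):
    """True when ip lies inside the inclusive deny range."""
    return start <= ipaddress.ip_address(ip) <= end


def rule_bypasses(events, start=DENY_START, end=DENY_END):
    """ALLOW events whose source is inside the deny range: these should not exist
    if the deny-all rule were evaluated first and matched."""
    return [e for e in events
            if e["action"] == "ALLOW" and in_deny_range(e["src"], start, end)]


def bypass_ports(events):
    """Count bypasses by (proto, dport) so the implicitly open service stands out."""
    return Counter((e["proto"], e["dport"]) for e in rule_bypasses(events))


if __name__ == "__main__":
    print("deny range as CIDR:", range_to_cidrs("222.184.0.0", "222.191.255.255"))
    evs = parse_log(SAMPLE_LOG)
    for e in rule_bypasses(evs):
        print("rule bypassed:", e["proto"], e["src"], "-> port", e["dport"])
    print("bypass counts by (proto, dport):", dict(bypass_ports(evs)))
```

On the constructed sample, the only bypasses are UDP/500 and UDP/4500, which is exactly the IKE and NAT-T pair a device terminating IPsec listens on; seeing only those two ports in the output is strong evidence that the VPN service, not the rule base, is accepting the traffic.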

 

222.184.115.203: what is this IP? Is this your WAN-side IP address?

Do you have IPsec VPN enabled on the RV320? Ports 500 (UDP) and 4500 (UDP) are allowed if you have enabled IPsec VPN.

 

BB


The example IP address shown is in a block of IP addresses from China which are attacking/probing our routers from the WAN side (hundreds of entries in the router logs probing various common listening ports).

 

Yes, we have IPSEC configured (router as a local IPSEC server, not pass-through); but I still cannot understand why a connection from a blocked IP range is allowed on ANY ports including the IPSEC and IPSEC-NAT ports?!

I suggest enabling the DoS attack protection feature that comes with the kit.

 

https://www.cisco.com/c/en/us/support/docs/smb/routers/cisco-rv-series-small-business-routers/smb4336-basic-firewall-configuration-on-rv320-and-rv325-routers.html

 

Any interface/IP facing the public side will have some attacks taking place. Even if you fully block, the port scans from attackers will always be there.

That is the reason we need a strong FW to block our internal LAN from these kinds of attacks.

 

BB
