I suspect the core issue is that everyone logged in has sysadmin or dbo priviledges and instead of fixing that as gail implied with proper security, you are looking for a bandaid approach to limit by ip address.

If you fix your security model by creating roles with the expected permissions, you gain twofold : a better security model and directly addressi g the overpriviledges problem while still fixing the problem itself