Blocking company ranges
-
This maybe a stupid question or one that's already been asked but on cracking open one of the lists that blocklist.com gives me for apple inside all I found was a range so it got me thinking can you just block a range in pfsense or pfbloker?
example
ns3.bbc.co.uk 156.154.66.17 2610:a1:1015::17
ns3.bbc.net.uk
ns4.bbc.co.uk 156.154.67.17 2001:502:4612::17
ns4.bbc.net.ukCan I just block 156.154.66.17-156.154.67.17 instead of the hole list?
or just 156.154.66.17/16
-
This maybe a stupid question or one that's already been asked but on cracking open one of the lists that blocklist.com gives me for apple inside all I found was a range so it got me thinking can you just block a range in pfsense or pfbloker?
example
ns3.bbc.co.uk 156.154.66.17 2610:a1:1015::17
ns3.bbc.net.uk
ns4.bbc.co.uk 156.154.67.17 2001:502:4612::17
ns4.bbc.net.ukCan I just block 156.154.66.17-156.154.67.17 instead of the hole list?
or just 156.154.66.17/16
if you want to block by IPv4 address only use
156.154.66.17/24 &156.154.67.17/24156.154.66.17/32 &156.154.67.17/32 AS13037 just the IP addresses.If you want to block the range you need to see where the network starts and use a mask the included both IP addresses, the above two lie in 156.154.66.0/23.
Anyhow the addresses you've listed are the BBC name servers, not really much point blocking those.
FYI looks like the BBC use the following subnets, i'm sure there are more :-
AS2818 is used by the BBC
mac-pro:~ andy$ whois -h whois.radb.net – '-i origin AS2818' | grep ^route:
route: 132.185.0.0/16
route: 132.185.240.0/20
route: 132.185.128.0/20
route: 132.185.144.0/20
route: 212.58.224.0/19
route: 132.185.241.0/24
route: 212.58.224.0/24
route: 212.58.225.0/24
route: 212.58.226.0/24
route: 212.58.227.0/24
route: 212.58.228.0/24
route: 212.58.229.0/24
route: 212.58.230.0/24
route: 212.58.231.0/24
route: 212.58.232.0/24
route: 212.58.233.0/24
route: 212.58.234.0/24
route: 212.58.235.0/24
route: 212.58.236.0/24
route: 212.58.237.0/24
route: 212.58.238.0/24
route: 212.58.239.0/24
route: 212.58.240.0/24
route: 212.58.241.0/24
route: 212.58.242.0/24
route: 212.58.243.0/24
route: 212.58.244.0/24
route: 212.58.245.0/24
route: 212.58.246.0/24
route: 212.58.247.0/24
route: 212.58.248.0/24
route: 212.58.249.0/24
route: 212.58.250.0/24
route: 212.58.251.0/24
route: 212.58.252.0/24
route: 212.58.253.0/24
route: 212.58.254.0/24
route: 212.58.255.0/24
route: 212.58.224.0/20
route: 212.58.240.0/20
route: 132.185.240.0/24
route: 132.185.242.0/24
route: 132.185.243.0/24
route: 132.185.244.0/24
route: 132.185.245.0/24
route: 132.185.246.0/24
route: 132.185.247.0/24
route: 132.185.248.0/24
route: 132.185.249.0/24
route: 132.185.250.0/24
route: 132.185.251.0/24
route: 132.185.252.0/24
route: 132.185.253.0/24
route: 132.185.254.0/24
route: 132.185.255.0/24
route: 132.185.144.0/24
route: 132.185.145.0/24
route: 132.185.146.0/24
route: 132.185.147.0/24
route: 132.185.148.0/24
route: 132.185.149.0/24
route: 132.185.150.0/24
route: 132.185.151.0/24
route: 132.185.152.0/24
route: 132.185.153.0/24
route: 132.185.154.0/24
route: 132.185.155.0/24
route: 132.185.156.0/24
route: 132.185.157.0/24
route: 132.185.158.0/24
route: 132.185.159.0/24
route: 132.185.132.0/24mac-pro:~ andy$ whois -h whois.radb.net -- '-i origin AS2818' | grep ^route6:
route6: 2001:41c0::/32
route6: 2001:41c0::/33
route6: 2001:41c1::/32
mac-pro:~ andy$The IP addresses you list aren't using the BBC AS, they're using AS12008
route: 156.154.66.0/24
descr: Neustar Ultra Services
origin: AS12008
mnt-by: MAINT-AS12008
changed: lking@ultradns.com 20060926
source: RADBroute: 156.154.67.0/24
descr: Neustar Ultra Services
origin: AS12008
mnt-by: MAINT-AS12008
changed: lking@ultradns.com 20060926
source: RADB -
Wow excellent I bookmarked this tool for my own lists ;)
Many thanks
-
"if you want to block by IPv4 address only use 156.154.66.17**/24** &156.154.67.17**/24** or just the IP addresses."
Um if you want to block just the specific IP then the mask would be /32 not /24 or just the IP without a mask.
-
"if you want to block by IPv4 address only use 156.154.66.17**/24** &156.154.67.17**/24** or just the IP addresses."
Um if you want to block just the specific IP then the mask would be /32 not /24 or just the IP without a mask.
LOL indeed, trying to do 3 things at once
-
Yeah it happens ;) Just wanted to clarify it since users might take it as gospel vs just a typo…