• Hi,

    Currently I use ET, Dshield and Talos IPv4 list but I have some scan reaching my router from IPv6 host (example : 240e:​f7:​4f01:​c:​:​3 ).

    Is there any list of IPv6 to add to PfBlockerNG ?

  • Galactic Empire

    That subnets been trying to hit my WAN /64 for the past few months.

    I've blocked China and a few other regions via GeoIP so they don't hit my IPsec & SFTP allow rules further down the list.

    Screenshot 2020-02-03 at 16.07.18.png

    Screenshot 2020-02-03 at 16.10.00.png

  • Blocking region is too much.
    I host web services with some visitors from Russia and China.

  • Galactic Empire


    Block the ISP via their ASN number.

    AS details for 240e:f7:4f01:c::3 :-

    route6: 240E::/24
    descr: China Telecom
    origin: AS4134
    mnt-by: MAINT-CT-GNOC
    changed: dougd@chinatelecom.cn 20180820 #08:22:54Z
    source: RADB

    route6: 240e::/20
    descr: CHINANET-IPv6-ROUTE
    origin: AS4134
    mnt-by: MAINT-CHINANET
    last-modified: 2018-08-21T08:05:25Z
    source: APNIC

    Monday, 3 February 2020 at 18:41:09 Greenwich Mean Time

    Screenshot 2020-02-03 at 18.43.10.png