Blocking these IP's
-
63.32.0.0/14 63.34.60.0/22 64.252.100.0/24 64.252.101.0/24 64.252.102.0/24 64.252.103.0/24 64.252.104.0/24 64.252.105.0/24 64.252.106.0/24 64.252.107.0/24 64.252.108.0/24 64.252.109.0/24 64.252.110.0/24 64.252.111.0/24 64.252.112.0/24 64.252.113.0/24 64.252.114.0/24 64.252.115.0/24 64.252.116.0/24 64.252.117.0/24 64.252.128.0/18 64.252.64.0/18 64.252.64.0/24 64.252.65.0/24 64.252.66.0/24 64.252.67.0/24 64.252.68.0/24 64.252.69.0/24 64.252.70.0/24 64.252.71.0/24 64.252.72.0/24 64.252.73.0/24 64.252.74.0/24 64.252.75.0/24 64.252.76.0/24 64.252.77.0/24 64.252.78.0/24 64.252.79.0/24 64.252.80.0/24 64.252.81.0/24 64.252.82.0/24 64.252.83.0/24 64.252.84.0/24 64.252.85.0/24 64.252.86.0/24 64.252.87.0/24 64.252.88.0/24 64.252.89.0/24 64.252.98.0/24 64.252.99.0/24 65.0.0.0/14 65.8.0.0/16 65.9.0.0/17 65.9.128.0/18 67.202.0.0/18 68.79.0.0/18 69.107.6.112/29 69.107.6.120/29 69.230.192.0/18 69.231.128.0/18 69.234.192.0/18 69.235.128.0/18 70.132.0.0/18 70.224.192.0/18 71.152.0.0/17 72.21.192.0/19 72.44.32.0/19 75.101.128.0/17 75.2.0.0/17 76.223.0.0/17 79.125.0.0/17 87.238.80.0/21 96.127.0.0/17 99.77.128.0/18 99.77.128.0/24 99.77.129.0/24 99.77.130.0/24 99.77.131.0/24 99.77.132.0/24 99.77.133.0/24 99.77.134.0/24 99.77.135.0/24 99.77.136.0/24 99.77.137.0/24 99.77.138.0/24 99.77.139.0/24 99.77.140.0/24 99.77.141.0/24 99.77.142.0/24 99.77.143.0/24 99.77.144.0/24 99.77.145.0/24 99.77.147.0/24 99.77.148.0/24 99.77.149.0/24 99.77.150.0/24 99.77.151.0/24 99.77.152.0/24 99.77.153.0/24 99.77.154.0/24 99.77.155.0/24 99.77.156.0/24 99.77.157.0/24 99.77.158.0/24 99.77.159.0/24 99.77.160.0/24 99.77.161.0/24 99.77.186.0/24 99.77.187.0/24 99.77.188.0/24 99.77.189.0/24 99.77.190.0/24 99.77.191.0/24 99.77.247.0/24 99.77.250.0/24 99.77.253.0/24 99.77.254.0/24 99.78.128.0/20 99.78.144.0/21 99.78.152.0/22 99.78.156.0/22 99.78.160.0/21 99.78.168.0/23 99.78.170.0/23 99.78.172.0/24 99.78.176.0/21 99.78.184.0/22 99.78.188.0/22 99.78.192.0/22 99.78.196.0/22 99.78.208.0/22 99.78.212.0/22 99.78.216.0/22 99.78.220.0/22 99.78.228.0/22 99.78.232.0/21 99.78.240.0/20 99.79.0.0/16 99.79.126.0/24 99.79.169.0/24 99.79.34.0/23 99.80.0.0/15 99.80.34.128/25 99.82.128.0/20 99.82.144.0/21 99.82.152.0/22 99.82.156.0/22 99.82.160.0/24 99.82.161.0/24 99.82.162.0/24 99.82.163.0/24 99.82.164.0/24 99.82.165.0/24 99.82.166.0/24 99.82.167.0/24 99.82.168.0/24 99.82.169.0/24 99.82.170.0/24 99.82.171.0/24 99.82.172.0/24 99.82.173.0/24 99.82.174.0/24 99.82.175.0/24 99.82.176.0/21 99.82.184.0/22 99.82.188.0/22 99.83.128.0/17 99.83.64.0/21 99.83.98.0/24 99.84.0.0/16 99.86.0.0/16 99.87.0.0/22 -
So what exactly do u want to achieve?
Ban all Amazon sources?
Have fun ordering some from em ;)U understand how a state firewall works?
Doesn't matter!
where do u see the
"bad IPs" connecting to your pfS box -
@noplan said in Blocking these IP's:
So what exactly do u want to achieve?
Ban all Amazon sources?
Have fun ordering some from em ;)U understand how a state firewall works?
Doesn't matter!
where do u see the
"bad IPs" connecting to your pfS boxJust let him be. If he wants to blocked all of it, it's his right to do so.
-
No smart devices, alexa, smart dimmers-switches, garage door openers, smart phones?
All of these access cloud services like amazon and others.
-
@Waqar-UK said in Blocking these IP's:
Well, I would like to know why is Amazon and cloudflare connecting to my network?
Hi,
These are very big CDN service providers too, their hands touch everything...
It is not recommended to block all traffic from / through
them, you may not know your other services that use these intermediate networks...... and then you will also block your favorite things.@Waqar-UK - I have the right to privacy (since I am not breaking the law) as others do
you just think it is, but I'll tell you no,.... unfortunately
They’ve killed the “TRICKBOT” network... recently (Microsoft DCU, NSA, ESET, Black Lotus Labs, etc) , it would be nice to ask them about your rights
-
OK, I have smartphones, tablets in my house. All Android OS. No other IOT devices.
Yes, I order a lot of stuff from Amazon UK. I will let it be then. I know that pfsense is blocking the trouble makers from my network. -
@Waqar-UK said in Blocking these IP's:
I will let it be then.
Good decision
++edit:
@Waqar-UK I know that pfsense is blocking the trouble makers from my network.pfSense basically rejects unwanted traffic on the WAN
but it still needs to be configured well because the human factor is always the problem side (see the first rule of hacking - look for weak human gaps) -
@Waqar-UK said in Blocking these IP's:
OK, I have smartphones, tablets in my house. All Android OS. No other IOT devices.
Yes, I order a lot of stuff from Amazon UK. I will let it be then. I know that pfsense is blocking the trouble makers from my network.Well a lot of my attackers used Azure and Amazon aws services. It look like the attackers came from official Microsoft or Amazon. Most people don't understand and allow those connections.
-
@AKEGEC said in Blocking these IP's:
and allow those connections.
u mean allow them (the hosts from AWS) connect on WAN 2 LAN ?
-
@noplan said in Blocking these IP's:
@AKEGEC said in Blocking these IP's:
and allow those connections.
u mean allow them (the hosts from AWS) connect on WAN 2 LAN ?
I mean blocked them if you don't use them. Anyway I just give him an option. If he want to unblock it's up to him.. it's the land of the free.
-
i feel ya !
the next step is to block the google crawler ip ranges ;)
if you have an open webserver behind your pfS box ;)
