Netgate Discussion Forum

    How to block AS numbers??

    • Cool_CoronaC
      Cool_Corona
      last edited by

      Hi

      A lot of people are asking about facebook.com, and the easy way is blocking AS numbers.

      https://www.peeringdb.com/net/979

      If we could extract the IPs from a DB then pfblocker could be made to do that...

      It already does it at the GeoIP level, defined by countries.

      How much work would it be??

      @BBcan177

      • GertjanG
        Gertjan @Cool_Corona
        last edited by

        @cool_corona said in How to block AS numbers??:

        A lot of people are asking about facebook.com

        Yeah.
        Right.
        They even started to auto block themselves. It wasn't AS, most kids became BGP experts in one evening.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        • johnpozJ
          johnpoz LAYER 8 Global Moderator @Cool_Corona
          last edited by

          @cool_corona said in How to block AS numbers??:

          easy way is blocking AS numbers.

          You can already do that with pfblocker..

          blockas.jpg

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

          • Cool_CoronaC
            Cool_Corona @johnpoz
            last edited by

            @johnpoz Outbound also?

            • johnpozJ
              johnpoz LAYER 8 Global Moderator @Cool_Corona
              last edited by

              @cool_corona Just create an alias - use it however you want..

              • GertjanG
                Gertjan
                last edited by Gertjan

                Initially, this didn't work for me.
                The IP I used was 157.240.20.15, an IP from the 157.240.0.0/17 network, a member of AS32934.
                I switched from tea to coffee : nothing helped.

                Then :

                41f92ebd-3958-4000-99d8-2afba7463842-image.png

                I'm using IPv6 - facebook uses IPv6. .... (slam head).

                After creating an 'AS32934' entry on the IPv6 tab and reloading pfB,
                I didn't need to test ..... someone was already yelling in the building ....
                It's 17h08 : I'm off home - I'll keep this one for the night ;)

                • GertjanG
                  Gertjan @Gertjan
                  last edited by

                  This AS filtering works pretty well.
                  Dunno if it's perfect, but looking at the sheer number of firewall rule hits overnight, it did block a lot.
                  I have to remove it now, as people start to look in my direction.

                  Found this on the forum :

                  whois -h whois.radb.net -- '-i origin AS32934' | grep ^route | grep -v route6 | cut -d" " -f7 > /var/www/block_lists/facebook.txt
                  

                  No "help me" PM's please. Use the forum, the community will thank you.
                  Edit : and where are the logs ??
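
The thread's two findings combined, as an added example that is not part of any post here: the RADB query from the last post feeds a parser that emits IPv4 and IPv6 prefixes as separate lists (the IPv6 list is what was missing in the first attempt described above). `extract_prefixes` and `sample_whois` are hypothetical names, the output file names are placeholders, and the sample whois text is constructed.

```shell
#!/bin/sh
# Added example (not from the thread). extract_prefixes and sample_whois are
# hypothetical names; the whois text below is constructed, not real RADB output.

# extract_prefixes FAMILY   (FAMILY is 4 or 6)
# Reads RADB-style whois text on stdin, prints unique prefixes of that family.
extract_prefixes() {
    case "$1" in
        4) key="route:" ;;
        6) key="route6:" ;;
        *) echo "usage: extract_prefixes 4|6" >&2; return 2 ;;
    esac
    # Match the attribute name exactly, so "route:" never picks up "route6:",
    # and take the second whitespace-separated field, so the amount of padding
    # after the colon does not matter (unlike a fixed cut -f column).
    awk -v key="$key" -v fam="$1" '
        $1 == key {
            p = tolower($2)
            if (fam == 4 && p !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\/[0-9]+$/) next
            if (fam == 6 && p !~ /^[0-9a-f:]+\/[0-9]+$/) next
            if (!seen[p]++) print p      # drop duplicate route objects
        }'
}

# Constructed sample: mixed padding, one duplicate, one empty route6 value.
# 192.0.2.0/24 and 2001:DB8::/32 are documentation prefixes, not real routes.
sample_whois() {
    cat <<'EOF'
route:      157.240.0.0/17
origin:     AS32934

route:          192.0.2.0/24
descr:      constructed entry, wider padding
origin:     AS32934

route:      157.240.0.0/17
origin:     AS32934

route6:     2001:DB8::/32
origin:     AS32934

route6:
origin:     AS32934
EOF
}

# Live use, one list per address family (file names are placeholders):
#   whois -h whois.radb.net -- '-i origin AS32934' | extract_prefixes 4 > as_v4.txt
#   whois -h whois.radb.net -- '-i origin AS32934' | extract_prefixes 6 > as_v6.txt
```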