Netgate Discussion Forum

    Simple tool to help with creating firewall rule aliases based on Name/ASN

    Firewalling
      Brak

      Not sure if this will be as useful to others as it was to me, but I created a small website to pull all netblocks/prefixes of a service into a text file URL. I've used this to block social networking with schedule-based firewall rules, and also bypass transparent proxy services on services that sometimes break even if you can't cache them (cough Netflix Apple TV traffic cough).

      You can check it out at http://asn.blawk.net

      It's simple to use, you just tack on the ASN number:

      Netflix: http://asn.blawk.net/2906
      Facebook: http://asn.blawk.net/32934
      Level3: http://asn.blawk.net/3356

      Let me know if anyone has any issues or feature requests.

        BBcan177 Moderator

        Hurricane Electric also has this feature. What is the source of the IPs that you are using? You can also use lists like this in pfBlockerNG to collect these IPs on a frequency and create the Firewall Rules accordingly.

        Here is one example:
        http://bgp.he.net/search?search%5Bsearch%5D=facebook&commit=Search

        "Experience is something you don't get until just after you need it."

        Website: http://pfBlockerNG.com
        Twitter: @BBcan177  #pfBlockerNG
        Reddit: https://www.reddit.com/r/pfBlockerNG/new/

          Brak

          @BBcan177:

          Hurricane Electric also has this feature. What is the source of the IPs that you are using? You can also use lists like this in pfBlockerNG to collect these IPs on a frequency and create the Firewall Rules accordingly.

          Here is one example:
          http://bgp.he.net/search?search%5Bsearch%5D=facebook&commit=Search

          It uses the routeviews.org data.

          And yeah, HE's setup is what I normally use, but I wanted a pure text file output of the data.

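Added example, not part of the original posts and not code from the asn.blawk.net site: a prefix list fetched over plain HTTP from a third party is worth vetting before it becomes a firewall alias, since a single `0.0.0.0/0` or RFC 1918 entry would widen a block or proxy-bypass rule far beyond the intended service. The sketch below assumes the list is plain text with one CIDR prefix per line; the function name, the size limits and the sample data are constructed for illustration.

```python
import ipaddress

# Hypothetical policy: refuse any prefix broader than these lengths.
MIN_PREFIXLEN = {4: 8, 6: 19}

# Constructed sample input, not real output of any service.
SAMPLE = """\
# constructed sample
31.13.64.0/24
31.13.65.0/24
2a03:2880::/32
0.0.0.0/0
10.0.0.0/8
31.13.70.1/24
<html>error</html>
"""

def vet_prefix_list(text, max_entries=5000):
    """Return (accepted_networks, rejected) for a fetched prefix list.

    rejected is a list of (original_line, reason) tuples.
    """
    accepted, rejected = [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blanks
        if not line:
            continue
        try:
            # strict=True rejects entries with host bits set (e.g. x.x.x.1/24)
            net = ipaddress.ip_network(line, strict=True)
        except ValueError:
            rejected.append((raw, "not a valid CIDR prefix"))
            continue
        if net.prefixlen < MIN_PREFIXLEN[net.version]:
            rejected.append((raw, "prefix too broad"))
        elif (net.is_private or net.is_loopback
              or net.is_link_local or net.is_multicast):
            rejected.append((raw, "not public unicast space"))
        else:
            accepted.append(net)
    # collapse_addresses cannot mix IP versions, so merge each family separately
    merged = []
    for version in (4, 6):
        family = [n for n in accepted if n.version == version]
        merged.extend(ipaddress.collapse_addresses(family))
    if len(merged) > max_entries:
        raise ValueError("list larger than expected; refusing to load it")
    return merged, rejected

if __name__ == "__main__":
    nets, bad = vet_prefix_list(SAMPLE)
    print("\n".join(str(n) for n in nets))
    for line, reason in bad:
        print(f"rejected {line!r}: {reason}")
```

Only the accepted, collapsed prefixes should be written to the file the alias reads; a non-empty rejected list is a signal to keep the previous copy of the alias rather than load the new one.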
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.