cancel
Showing results for 
Search instead for 
Did you mean: 

Filtering bogons and other undesirables

unaszplodrmann
Dabbler
Posts: 18
Thanks: 1
Registered: ‎24-07-2013

Filtering bogons and other undesirables

I use the netfilter ipset module and iptables to drop any incoming traffic from addresses covered by several blocklists. Since moving to Plus.net, I'm not seeing hits against the 'fullbogons' list from Team Cymru or the Spamhaus list. Are you filtering all bogons, including allocated but unassigned ranges, and/or the Spamhaus list at your end? I can stop wasting CPU cycles, if so Wink Now that my phone line has been fixed, I'll be running mail and web servers again, hence the filtering on my end...
4 REPLIES 4
bobpullen
Community Gaffer
Community Gaffer
Posts: 16,869
Thanks: 4,950
Fixes: 315
Registered: ‎04-04-2007

Re: Filtering bogons and other undesirables

We have Cloudmark mail filtering appliances in front of our inbound mail platform but I'm assuming that's not what you're referring to? I'm assuming it's direct SMTP mail to your IP that you're talking about. There will be protection across the broadband network but I can't tell you for sure whether we're relying on the two lists you're asking about. I can try and find out for you if you like (and assuming I've understood your question correctly)?

Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵

unaszplodrmann
Dabbler
Posts: 18
Thanks: 1
Registered: ‎24-07-2013

Re: Filtering bogons and other undesirables

Yeah, I'm referring to filtering in front of the broadband network. I would've expected packets with bogon source addresses to be hitting my firewall occasionally, if they weren't being blocked upstream. It's no big deal, more a case of protecting my low power server from aggressive bots, without running an IDS...
paulmh5
Plusnet Alumni (retired)
Plusnet Alumni (retired)
Posts: 170
Registered: ‎11-04-2011

Re: Filtering bogons and other undesirables

What IP ranges (or addresses) are you seeing?
I've misread "would've" as wouldn't have, yesterday was a long one.  Yes in answer to the question then, we do block bogons on the edge of the network, I think its about 13 prefixes at the moment.
Plusnet Staff - Lead Network Design/Delivery Engineer
unaszplodrmann
Dabbler
Posts: 18
Thanks: 1
Registered: ‎24-07-2013

Re: Filtering bogons and other undesirables

Thanks Smiley  I would've been a bit worried if you weren't filtering the basic reserved address spaces at the edge... The 'full bogons' list includes allocated but unassigned blocks and covers 4902 prefixes at last count. Given the lack of hits, I suspect that having iptables intercept all unsolicited traffic, on any port, from any netblock within the fullbogons list was a tad zealous on my part!  Grin