VDS Firwall: Block ASN?

Ask questions about dedicated servers here and we and other users will do our best to answer them. Please also refer to the self-help section for tutorials and answers to the most commonly asked questions.
Post Reply
lithium720
A semi-regular
A semi-regular
Posts: 24
https://www.youtube.com/channel/UC40BgXanDqOYoVCYFDSTfHA
Joined: Mon Nov 18, 2013 10:17 am

VDS Firwall: Block ASN?

Post by lithium720 »

Some firewalls allow blocking of ASN's. Is this something we could get added to the control panel firewall if there is upstream tooling for it?

It would be a lot more convenient then using 3rd party software on the VDS itself.
Top
User avatar
Edge100x
Founder
Founder
Posts: 13071
Joined: Thu Apr 18, 2002 11:04 pm
Location: Seattle
Contact:
Contact Edge100x

Re: VDS Firwall: Block ASN?

Post by Edge100x »

I haven't played with other firewalls allowing this, but they would either have to do this by looking for BGP advertisements from that ASN and inserting those prefixes as a one-time event, or having an auto-update system performs the same operation at some interval. My guess is that most do the former.

Since we allow blocking a prefix list, it's pretty easy to do this yourself using one of the websites that will just list all the prefixes for you. Examples include https://bgp.he.net/ and https://hackertarget.com/as-ip-lookup/. Just..

1. Go to the Firewall page
2. Select "[Custom filter]" for rule #1 (if it is currently unused)
3. It should default to a blanked "Block" action, which is what you want; click "any remote ip" and change it to "remote ips:" to limit what it blocks
4. Paste in the list of prefixes that you found at one of the lookup sites
5. Add a helpful comment like "blocking AS45102 due to abusive bot behavior"
6. Click "Submit filter changes" at the bottom
Top
Post Reply

Return to “Dedicated servers and Virtual Dedicated Servers”