[asterisk-users] Being attacked by an Amazon EC2 ...

Remco Barendse asterisk at barendse.to
Sun Apr 11 17:25:05 CDT 2010


On Sun, 11 Apr 2010, Mark Smith wrote:

>
> Same this end from 184.73.17.150.
>
> Use this little piece of iptables magic to block the whole of Amazon's EC2
> ip-range.
>
> iptables -F
> iptables -A INPUT -m iprange --src-range 216.182.224.0-216.182.239.255 -j DROP
> iptables -A INPUT -m iprange --src-range 72.44.32.0-72.44.63.255 -j DROP
> iptables -A INPUT -m iprange --src-range 67.202.0.0-67.202.63.255 -j DROP
> iptables -A INPUT -m iprange --src-range 75.101.128.0-75.101.255.255 -j DROP
> iptables -A INPUT -m iprange --src-range 174.129.0.0-174.129.255.255 -j DROP
> iptables -A INPUT -m iprange --src-range 204.236.192.0-204.236.255.255 -j DROP
> iptables -A INPUT -m iprange --src-range 184.73.0.0-184.73.255.255 -j DROP
> iptables -A INPUT -m iprange --src-range 216.236.128.0-216.236.191.255 -j DROP
> iptables -A INPUT -m iprange --src-range 184.72.0.0-184.72.63.255 -j DROP
> iptables -A INPUT -m iprange --src-range 79.125.0.0-79.125.127.255 -j DROP
> service iptables save
>
> This sorts it out in the short-term until Amazon realise their service is
> being utilised by arseholes.
>

Would this work if using Shorewall? What would a sane ruleset for 
Shorewall look like that implements some sort of rate limiting features?
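
Added example, not part of either message above: the `--src-range` rules from the quoted post, parsed and collapsed into the minimal set of CIDR networks, with a check of which network covers the reported source 184.73.17.150. The function names are illustrative; the rule lines are copied from the quoted message as sample input.

```python
import ipaddress
import re

# Sample input: the iprange rules exactly as quoted in the message above.
RULES = """\
iptables -F
iptables -A INPUT -m iprange --src-range 216.182.224.0-216.182.239.255 -j DROP
iptables -A INPUT -m iprange --src-range 72.44.32.0-72.44.63.255 -j DROP
iptables -A INPUT -m iprange --src-range 67.202.0.0-67.202.63.255 -j DROP
iptables -A INPUT -m iprange --src-range 75.101.128.0-75.101.255.255 -j DROP
iptables -A INPUT -m iprange --src-range 174.129.0.0-174.129.255.255 -j DROP
iptables -A INPUT -m iprange --src-range 204.236.192.0-204.236.255.255 -j DROP
iptables -A INPUT -m iprange --src-range 184.73.0.0-184.73.255.255 -j DROP
iptables -A INPUT -m iprange --src-range 216.236.128.0-216.236.191.255 -j DROP
iptables -A INPUT -m iprange --src-range 184.72.0.0-184.72.63.255 -j DROP
iptables -A INPUT -m iprange --src-range 79.125.0.0-79.125.127.255 -j DROP
"""

SRC_RANGE = re.compile(r"--src-range\s+([\d.]+)-([\d.]+)")


def rules_to_cidrs(rules_text):
    """Return the sorted, minimal list of CIDR networks covering every --src-range."""
    nets = []
    for line in rules_text.splitlines():
        match = SRC_RANGE.search(line)
        if not match:
            continue  # not an iprange rule, e.g. "iptables -F"
        first, last = (ipaddress.IPv4Address(a) for a in match.groups())
        # Raises ValueError when first > last; a range that is not aligned
        # on a power-of-two boundary expands to several networks.
        nets.extend(ipaddress.summarize_address_range(first, last))
    # Merge adjacent or overlapping networks and sort the result.
    return list(ipaddress.collapse_addresses(nets))


def covering_network(addr, cidrs):
    """Return the network in cidrs that contains addr, or None if none does."""
    ip = ipaddress.ip_address(addr)
    return next((net for net in cidrs if ip in net), None)


if __name__ == "__main__":
    cidrs = rules_to_cidrs(RULES)
    for net in cidrs:
        print(net)
    print("184.73.17.150 covered by:", covering_network("184.73.17.150", cidrs))
```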




