Forum List Message List New Topic Print View

CJ Ess

November 18, 2016 02:46PM

OVH and Hetzner CIDR lists from RIPE are huge because of all the tiny
subnets - however they compress down really well if you merge all the
adjacent networks, you end up with a few dozen entires each. Whatever set
of CIDRs you are putting in a set, always merge them unless you need to
know which specific range in your source list was hit, thats my advice.

My experience is that both OVH and Hetzner take abuse complaints seriously
and if you make the effort to contact them then they will either compel
their customers to respond to you or cut them off if they can't be
contacted. However when you get to the former eastern block countries and
onward that doesn't happen - maybe Google Translate is just really bad at
Indo-European languages, but I suspect its more cultural.

On Tue, Nov 8, 2016 at 6:15 PM, <lists@lazygranch.com> wrote:

> Is that 2.2 million CIDRs, or actual addresses?
>
> I use IPFW with tables for about 20k CIDRs. I don't see any significant
> server load. It seems to me nginx has a big enough task that it makes sense
> to offload the blocking to something that is more tightly integrated to the
> OS.
>
> At a bare minimum, block OVH and Hetzner. People bash the Russians and old
> Soviet block countries for hacking, but OVH and Hetzner are far worse.
>
>
> Original Message
> From: mayak
> Sent: Tuesday, November 8, 2016 2:58 PM
> To: nginx@nginx.org
> Reply To: nginx@nginx.org
> Subject: Re: Blocking tens of thousands of IP's
>
> On 11/08/2016 07:28 PM, Jonathan Vanasco wrote:
> > On Nov 4, 2016, at 5:43 AM, mex wrote:
> >
> >> we do a similar thing but keep a counter within nginx (lua_shared_dict
> FTW)
> >> and export this stuff via /badass - location.
> >>
> >> although its not realtime we have a delay of 5 sec which is enough for
> us
> <snip>
> We are blocking 2.2 million addresses, however, we do it at the
> firewall/router (pfsense pfBlocker).
>
> Ultra fast.
>
> HTH
>
> Mayak
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Reply Quote

RSS

Subject	Author	Posted
Blocking tens of thousands of IP's	Cox, Eric S	November 01, 2016 11:18AM
Re: Blocking tens of thousands of IP's	CJ Ess	November 01, 2016 05:40PM
Re: Blocking tens of thousands of IP's	jeffdyke	November 01, 2016 05:48PM
RE: Blocking tens of thousands of IP's	Cox, Eric S	November 01, 2016 05:50PM
Re: Blocking tens of thousands of IP's	Lucas Rolff	November 01, 2016 05:54PM
Re: Blocking tens of thousands of IP's	mex	November 04, 2016 05:37AM
Re: Blocking tens of thousands of IP's	Rainer Duffner	November 01, 2016 05:52PM
RE: Blocking tens of thousands of IP's	Cox, Eric S	November 01, 2016 06:36PM
Re: Blocking tens of thousands of IP's	Rainer Duffner	November 01, 2016 06:42PM
RE: Blocking tens of thousands of IP's	Cox, Eric S	November 01, 2016 06:44PM
Re: Blocking tens of thousands of IP's	Rainer Duffner	November 01, 2016 06:56PM
RE: Blocking tens of thousands of IP's	Cox, Eric S	November 01, 2016 06:58PM
Re: Blocking tens of thousands of IP's	gariac	November 01, 2016 07:00PM
Re: Blocking tens of thousands of IP's	Tom Thorogood	November 01, 2016 07:06PM
Re: Blocking tens of thousands of IP's	gariac	November 01, 2016 06:48PM
Re: RE: Blocking tens of thousands of IP's	mex	November 04, 2016 05:43AM
Re: Blocking tens of thousands of IP's	Jonathan Vanasco	November 08, 2016 01:30PM
Re: Blocking tens of thousands of IP's	mayak	November 08, 2016 06:00PM
Re: Blocking tens of thousands of IP's	mex	November 15, 2016 01:09AM
Re: Blocking tens of thousands of IP's	gariac	November 08, 2016 06:16PM
Re: Blocking tens of thousands of IP's	CJ Ess	November 18, 2016 02:46PM
Re: Blocking tens of thousands of IP's	Maxim Dounin	November 02, 2016 08:58AM
Re: Blocking tens of thousands of IP's	gariac	November 01, 2016 06:28PM
Re: Blocking tens of thousands of IP's	Francis Daly	November 03, 2016 03:02PM
Re: Blocking tens of thousands of IP's	noci	November 23, 2016 09:33AM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 304

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018