From owner-freebsd-ipfw@freebsd.org Sat Aug 3 23:59:22 2019 Return-Path: Delivered-To: freebsd-ipfw@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id EBB04BEB6A for ; Sat, 3 Aug 2019 23:59:22 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 461Lbt60Y4z3NJS for ; Sat, 3 Aug 2019 23:59:22 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id CDF2CBEB69; Sat, 3 Aug 2019 23:59:22 +0000 (UTC) Delivered-To: ipfw@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id CDBCABEB67 for ; Sat, 3 Aug 2019 23:59:22 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 461Lbt56hyz3NJR for ; Sat, 3 Aug 2019 23:59:22 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 918AB22C1B for ; Sat, 3 Aug 2019 23:59:22 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id x73NxMNT089612 for ; Sat, 3 Aug 2019 23:59:22 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id x73NxM41089611 for ipfw@FreeBSD.org; Sat, 3 Aug 2019 23:59:22 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: ipfw@FreeBSD.org Subject: [Bug 239590] ipfw rule doesn't forward TCP connections made through the host's LAN address Date: Sat, 03 Aug 2019 23:59:22 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 12.0-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: yuri@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ipfw@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: version Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 03 Aug 2019 23:59:23 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D239590 Yuri Victorovich changed: What |Removed |Added ---------------------------------------------------------------------------- Version|11.2-STABLE |12.0-STABLE --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-ipfw@freebsd.org Sun Aug 4 21:00:30 2019 Return-Path: Delivered-To: freebsd-ipfw@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id BA1F7B1899 for ; Sun, 4 Aug 2019 21:00:30 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 461tb24XgZz3NQj for ; Sun, 4 Aug 2019 21:00:30 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: by mailman.nyi.freebsd.org (Postfix) id 9BCA9B1898; Sun, 4 Aug 2019 21:00:30 +0000 (UTC) Delivered-To: ipfw@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 9B958B1897 for ; Sun, 4 Aug 2019 21:00:30 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 461tb23fkGz3NQb for ; Sun, 4 Aug 2019 21:00:30 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 6115F92EA for ; Sun, 4 Aug 2019 21:00:30 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id x74L0Uqd011524 for ; Sun, 4 Aug 2019 21:00:30 GMT (envelope-from bugzilla-noreply@FreeBSD.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id x74L0U6j011516 for ipfw@FreeBSD.org; Sun, 4 Aug 2019 21:00:30 GMT (envelope-from bugzilla-noreply@FreeBSD.org) Message-Id: <201908042100.x74L0U6j011516@kenobi.freebsd.org> X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@FreeBSD.org using -f From: bugzilla-noreply@FreeBSD.org To: ipfw@FreeBSD.org Subject: Problem reports for ipfw@FreeBSD.org that need special attention Date: Sun, 4 Aug 2019 21:00:30 +0000 MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 04 Aug 2019 21:00:30 -0000 To view an individual PR, use: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=(Bug Id). The following is a listing of current problems submitted by FreeBSD users, which need special attention. These represent problem reports covering all versions including experimental development code and obsolete releases. Status | Bug Id | Description ------------+-----------+--------------------------------------------------- New | 215875 | [ipfw] ipfw lookup tables do not support mbuf_tag New | 232764 | [ipfw] share/examples/ipfw/change_rules.sh: Suppo 2 problems total for which you should take action. From owner-freebsd-ipfw@freebsd.org Tue Aug 6 12:41:52 2019 Return-Path: Delivered-To: freebsd-ipfw@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 81D57C163B for ; Tue, 6 Aug 2019 12:41:52 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 462vQm2vx7z40x8 for ; Tue, 6 Aug 2019 12:41:52 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 6188EC163A; Tue, 6 Aug 2019 12:41:52 +0000 (UTC) Delivered-To: ipfw@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 60230C1639 for ; Tue, 6 Aug 2019 12:41:52 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 462vQm122Qz40x6 for ; Tue, 6 Aug 2019 12:41:52 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 069D22C0B2 for ; Tue, 6 Aug 2019 12:41:52 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id x76CfpGu041569 for ; Tue, 6 Aug 2019 12:41:51 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id x76CfpuH041568 for ipfw@FreeBSD.org; Tue, 6 Aug 2019 12:41:51 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: ipfw@FreeBSD.org Subject: [Bug 239506] ipfw logging doesn't work Date: Tue, 06 Aug 2019 12:41:52 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 12.0-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: ae@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ipfw@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: attachments.created Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 Aug 2019 12:41:52 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D239506 --- Comment #10 from Andrey V. Elsukov --- Created attachment 206306 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D206306&action= =3Dedit Proposed patch (untested) Can you try this patch? It adds to ipfw_nat module support of logging via ipfwlog0. You need to rebuild kernel or ipfw_nat kernel module, then create ipfwlog0 interface and enable logging with "log" keyword in the nat instance. Then you can capture packets before translation and after. The only exception is "nat global", packets before translation will not be captured for such configuration. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-ipfw@freebsd.org Tue Aug 6 21:55:17 2019 Return-Path: Delivered-To: freebsd-ipfw@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 36E22CB0C1 for ; Tue, 6 Aug 2019 21:55:17 +0000 (UTC) (envelope-from starikarp@dismail.de) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 4637jJ6WV4z4XRR for ; Tue, 6 Aug 2019 21:55:16 +0000 (UTC) (envelope-from starikarp@dismail.de) Received: by mailman.nyi.freebsd.org (Postfix) id DDBDBCB0C0; Tue, 6 Aug 2019 21:55:16 +0000 (UTC) Delivered-To: ipfw@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id DD7A5CB0BF for ; Tue, 6 Aug 2019 21:55:16 +0000 (UTC) (envelope-from starikarp@dismail.de) Received: from mx1.dismail.de (mx1.dismail.de [78.46.223.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx1.dismail.de", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4637jH3l9Wz4XRP for ; Tue, 6 Aug 2019 21:55:14 +0000 (UTC) (envelope-from starikarp@dismail.de) Received: from dismail.de (localhost [127.0.0.1]) by dismail.de (OpenSMTPD) with ESMTP id 96b1a21d for ; Tue, 6 Aug 2019 23:55:12 +0200 (CEST) Received: from smtp2.dismail.de (10.240.26.12 [10.240.26.12]) by mx1.dismail.de (OpenSMTPD) with ESMTP id ed002381 for ; Tue, 6 Aug 2019 23:55:12 +0200 (CEST) Received: from smtp2.dismail.de (localhost [127.0.0.1]) by smtp2.dismail.de (OpenSMTPD) with ESMTP id 3a57d488 for ; Tue, 6 Aug 2019 23:55:12 +0200 (CEST) Received: by dismail.de (OpenSMTPD) with ESMTPSA id 00a1d3cf (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO) for ; Tue, 6 Aug 2019 23:55:11 +0200 (CEST) Date: Tue, 6 Aug 2019 17:55:06 -0400 From: To: "ipfw@FreeBSD.org" Subject: amazonaws Message-ID: <20190806175506.7757e863@dismail.de> X-Mailer: Claws Mail 3.17.4 (GTK+ 2.24.32; amd64-portbld-freebsd12.0) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Rspamd-Queue-Id: 4637jH3l9Wz4XRP X-Spamd-Bar: ------- X-Spamd-Result: default: False [-7.85 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; R_DKIM_ALLOW(-0.20)[dismail.de:s=201701]; RCVD_TLS_LAST(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:78.46.223.134]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[ipfw@freebsd.org]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; RCPT_COUNT_ONE(0.00)[1]; DWL_DNSWL_LOW(-1.00)[dismail.de.dwl.dnswl.org : 127.0.5.1]; RCVD_COUNT_THREE(0.00)[4]; IP_SCORE(-2.75)[ip: (-9.91), ipnet: 78.46.0.0/15(-2.04), asn: 24940(-1.81), country: DE(-0.01)]; DKIM_TRACE(0.00)[dismail.de:+]; DMARC_POLICY_ALLOW(-0.50)[dismail.de,reject]; FROM_NO_DN(0.00)[]; NEURAL_HAM_SHORT(-0.99)[-0.995,0]; TO_DN_EQ_ADDR_ALL(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[134.223.46.78.list.dnswl.org : 127.0.5.1]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:24940, ipnet:78.46.0.0/15, country:DE]; MID_RHS_MATCH_FROM(0.00)[] X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 Aug 2019 21:55:17 -0000 Hi! Is it possible to bl;ock compute.amazonasws.com with ipfw firewall. I have a table with many amazonasws IPs but every time when I start Firefox it shows the new one (I am checkong with tcpdump). Thank you. --=20 =E2=80=9CHungry man, reach for the book: it is a weapon.=E2=80=9D=20 =E2=80=95 Bertolt Brecht From owner-freebsd-ipfw@freebsd.org Tue Aug 6 12:47:19 2019 Return-Path: Delivered-To: freebsd-ipfw@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id CFAF8C1824 for ; Tue, 6 Aug 2019 12:47:19 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 462vY359k9z412k for ; Tue, 6 Aug 2019 12:47:19 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id AFCBDC1823; Tue, 6 Aug 2019 12:47:19 +0000 (UTC) Delivered-To: ipfw@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id AF8CDC1821 for ; Tue, 6 Aug 2019 12:47:19 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 462vY34BD5z412h for ; Tue, 6 Aug 2019 12:47:19 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 6D2622C212 for ; Tue, 6 Aug 2019 12:47:19 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id x76ClJnX054252 for ; Tue, 6 Aug 2019 12:47:19 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id x76ClJio054249 for ipfw@FreeBSD.org; Tue, 6 Aug 2019 12:47:19 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: ipfw@FreeBSD.org Subject: [Bug 239506] ipfw logging doesn't work Date: Tue, 06 Aug 2019 12:47:19 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 12.0-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: ae@FreeBSD.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: ipfw@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: attachments.isobsolete attachments.created Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 Aug 2019 12:47:19 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D239506 Andrey V. Elsukov changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #206306|0 |1 is obsolete| | --- Comment #11 from Andrey V. Elsukov --- Created attachment 206307 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D206307&action= =3Dedit Proposed patch (untested) Added rule number to the logging info. --=20 You are receiving this mail because: You are the assignee for the bug.= From owner-freebsd-ipfw@freebsd.org Wed Aug 7 01:23:04 2019 Return-Path: Delivered-To: freebsd-ipfw@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id B9A94B9777 for ; Wed, 7 Aug 2019 01:23:04 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 463DK42Dsdz41yf for ; Wed, 7 Aug 2019 01:23:04 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: by mailman.nyi.freebsd.org (Postfix) id 4CB42B9776; Wed, 7 Aug 2019 01:23:04 +0000 (UTC) Delivered-To: ipfw@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4C6E7B9773 for ; Wed, 7 Aug 2019 01:23:04 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: from gndrsh.dnsmgr.net (br1.CN84in.dnsmgr.net [69.59.192.140]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 463DK30V2Xz41yd for ; Wed, 7 Aug 2019 01:23:02 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: from gndrsh.dnsmgr.net (localhost [127.0.0.1]) by gndrsh.dnsmgr.net (8.13.3/8.13.3) with ESMTP id x771MUGd085113; Tue, 6 Aug 2019 18:22:30 -0700 (PDT) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: (from freebsd-rwg@localhost) by gndrsh.dnsmgr.net (8.13.3/8.13.3/Submit) id x771MUD9085112; Tue, 6 Aug 2019 18:22:30 -0700 (PDT) (envelope-from freebsd-rwg) From: "Rodney W. Grimes" Message-Id: <201908070122.x771MUD9085112@gndrsh.dnsmgr.net> Subject: Re: amazonaws In-Reply-To: <20190806175506.7757e863@dismail.de> To: starikarp@dismail.de Date: Tue, 6 Aug 2019 18:22:30 -0700 (PDT) CC: "ipfw@FreeBSD.org" X-Mailer: ELM [version 2.4ME+ PL121h (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII X-Rspamd-Queue-Id: 463DK30V2Xz41yd X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of freebsd-rwg@gndrsh.dnsmgr.net has no SPF policy when checking 69.59.192.140) smtp.mailfrom=freebsd-rwg@gndrsh.dnsmgr.net X-Spamd-Result: default: False [0.60 / 15.00]; ARC_NA(0.00)[]; TO_DN_EQ_ADDR_SOME(0.00)[]; NEURAL_HAM_MEDIUM(-0.25)[-0.246,0]; FROM_HAS_DN(0.00)[]; NEURAL_SPAM_SHORT(0.17)[0.170,0]; NEURAL_HAM_LONG(-0.27)[-0.267,0]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; DMARC_NA(0.00)[dnsmgr.net]; AUTH_NA(1.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; R_SPF_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:13868, ipnet:69.59.192.0/19, country:US]; MID_RHS_MATCH_FROM(0.00)[]; IP_SCORE(0.04)[ip: (0.14), ipnet: 69.59.192.0/19(0.07), asn: 13868(0.05), country: US(-0.05)]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 Aug 2019 01:23:04 -0000 > Hi! > > Is it possible to bl;ock compute.amazonasws.com with ipfw firewall. I > have a table with many amazonasws IPs but every time when I start > Firefox it shows the new one (I am checkong with tcpdump). Since it is almost impossible to keep up with the IP's that this may result in perhaps changing /etc/host.conf to be hosts dns and then: echo "127.0.0.1 compute.amazonasws.com" >>/etc/hosts would achive your disire to not be accessing those systems. This method can be implemented on almost any OS, including windows. Regards, -- Rod Grimes rgrimes@freebsd.org From owner-freebsd-ipfw@freebsd.org Wed Aug 7 01:43:07 2019 Return-Path: Delivered-To: freebsd-ipfw@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id E3395BA4CF for ; Wed, 7 Aug 2019 01:43:07 +0000 (UTC) (envelope-from kudzu@tenebras.com) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 463DmC51v0z43Ym for ; Wed, 7 Aug 2019 01:43:07 +0000 (UTC) (envelope-from kudzu@tenebras.com) Received: by mailman.nyi.freebsd.org (Postfix) id AC66CBA4CC; Wed, 7 Aug 2019 01:43:07 +0000 (UTC) Delivered-To: ipfw@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id AC2B4BA4CB for ; Wed, 7 Aug 2019 01:43:07 +0000 (UTC) (envelope-from kudzu@tenebras.com) Received: from mail-qt1-x831.google.com (mail-qt1-x831.google.com [IPv6:2607:f8b0:4864:20::831]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 463DmB6C2tz43Yk for ; Wed, 7 Aug 2019 01:43:06 +0000 (UTC) (envelope-from kudzu@tenebras.com) Received: by mail-qt1-x831.google.com with SMTP id a15so86694950qtn.7 for ; Tue, 06 Aug 2019 18:43:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tenebras-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=+3sbR/ImVesEevaXJZUzrYkdp1sM7qbde8wT+c9Opd8=; b=tRimH6jNiXXde0/RQfbupn2lQcuawxEH94MGFEwFNhPo3SRCMOXppb4/Sx0IjKHbcu P1dcVXMo1r0oSAUDpHxIf2aIokR0UyO20UnVrYuUqwTPoMHjZUm1eHd0/prJ7Z1Ut/Px u/lLUtNIrvKKa/YalCmzGvKnGeHyg1+D/B/jbKZXq3/E06X++5NK6skagyVWNgAbx9dd +U0KkaB4DeF8Fjkw7E+03aEiE2BgFEnGUReDDNwUN8+XRz+pke3bTlZqHSYhlVFOYj4x yyHwa3eYPggFv1GyyLHOwtpOqVVVJgVVZ+26NIC7ZYmp+lyhXxbRxA4plfy/yTGHDHSx s3MA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=+3sbR/ImVesEevaXJZUzrYkdp1sM7qbde8wT+c9Opd8=; b=F/MeMW0ncPNUDbQ+63RB716oN1o4F+7VNDylGbk8SrNCM9eOE08zs2fzrxhnxdhJAM a4lkxYSjo4pSvx13rFfrIaQNeRbc5dA5VgzkxFmzLHxTMypo0fHbAZHEiE1q90EUtHKr cirw2cBKkHnn9yJvMH9u1YyTLqKQbE2w2S84BLfX5bj24v46ZMSjpGdoI7lu3b/kRel7 s1/zYhPfVAzHI54OW3p+7uLv8mg+sFxul0qwzwrKcE4ZsF9J+GmZwOYi7RuPCLxS8e9F HzeGArrGnD/077EuhaiKzqBMH5sIVvVoDBvCgXCmNG8V0O2i9ApQaLPTzD1RrKOc/F++ 1B9w== X-Gm-Message-State: APjAAAXZihVbFARm1pUUBhr1xWKmbX3vZMTwZ0aiH8pXLU+e1uRo/6t3 zs6k4t3I7LWx6lhrraZ5XX/odUkPisabcSvYFAeNH/CXYS4wjQ== X-Google-Smtp-Source: APXvYqyub+3twes2xJzsMgqlyK/WLjbMI+r9V/mLVidAvsRsnaM6tnydCVdgeBsVArRz2pz7Pc7GVMZXKvxQh0WeE8o= X-Received: by 2002:a0c:b159:: with SMTP id r25mr5674156qvc.219.1565142185597; Tue, 06 Aug 2019 18:43:05 -0700 (PDT) MIME-Version: 1.0 References: <20190806175506.7757e863@dismail.de> <201908070122.x771MUD9085112@gndrsh.dnsmgr.net> In-Reply-To: <201908070122.x771MUD9085112@gndrsh.dnsmgr.net> From: Michael Sierchio Date: Tue, 6 Aug 2019 18:42:29 -0700 Message-ID: Subject: Re: amazonaws To: "Rodney W. Grimes" Cc: starikarp@dismail.de, "ipfw@FreeBSD.org" X-Rspamd-Queue-Id: 463DmB6C2tz43Yk X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=tenebras-com.20150623.gappssmtp.com header.s=20150623 header.b=tRimH6jN; dmarc=none; spf=none (mx1.freebsd.org: domain of kudzu@tenebras.com has no SPF policy when checking 2607:f8b0:4864:20::831) smtp.mailfrom=kudzu@tenebras.com X-Spamd-Result: default: False [-5.28 / 15.00]; ARC_NA(0.00)[]; TO_DN_EQ_ADDR_SOME(0.00)[]; R_DKIM_ALLOW(-0.20)[tenebras-com.20150623.gappssmtp.com:s=20150623]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; NEURAL_HAM_LONG(-1.00)[-0.999,0]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[ipfw@freebsd.org]; DMARC_NA(0.00)[tenebras.com]; URI_COUNT_ODD(1.00)[5]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[tenebras-com.20150623.gappssmtp.com:+]; NEURAL_HAM_SHORT(-1.00)[-0.999,0]; RCVD_IN_DNSWL_NONE(0.00)[1.3.8.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.b.8.f.7.0.6.2.list.dnswl.org : 127.0.5.0]; R_SPF_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; IP_SCORE(-2.98)[ip: (-9.37), ipnet: 2607:f8b0::/32(-3.05), asn: 15169(-2.45), country: US(-0.05)]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[] Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 Aug 2019 01:43:07 -0000 On Tue, Aug 6, 2019 at 6:23 PM Rodney W. Grimes < freebsd-rwg@gndrsh.dnsmgr.net> wrote: > > Hi! > > > > Is it possible to bl;ock compute.amazonasws.com with ipfw firewall. I > > have a table with many amazonasws IPs but every time when I start > > Firefox it shows the new one (I am checkong with tcpdump). > > Since it is almost impossible to keep up with the IP's.... > This is not even remotely true. https://ip-ranges.amazonaws.com/ip-ranges.json is kept up-to-date, and you can subscribe to an SNS topic to be notified of changes: arn:aws:sns:us-east-1:806199016981:AmazonIpSpaceChanged You could put the entire contents, or a portion of it, in an ipfw table and swap tables atomically upon change. --=20 "Well," Brahm=C4=81 said, "even after ten thousand explanations, a fool is = no wiser, but an intelligent person requires only two thousand five hundred." - The Mah=C4=81bh=C4=81rata From owner-freebsd-ipfw@freebsd.org Wed Aug 7 05:09:18 2019 Return-Path: Delivered-To: freebsd-ipfw@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6EE15BEC6B for ; Wed, 7 Aug 2019 05:09:18 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 463KL56nrnz4F6Z for ; Wed, 7 Aug 2019 05:09:17 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: by mailman.nyi.freebsd.org (Postfix) id E7625BEC69; Wed, 7 Aug 2019 05:09:17 +0000 (UTC) Delivered-To: ipfw@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id E7284BEC66 for ; Wed, 7 Aug 2019 05:09:17 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: from gndrsh.dnsmgr.net (br1.CN84in.dnsmgr.net [69.59.192.140]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 463KL50RBFz4F6Y for ; Wed, 7 Aug 2019 05:09:16 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: from gndrsh.dnsmgr.net (localhost [127.0.0.1]) by gndrsh.dnsmgr.net (8.13.3/8.13.3) with ESMTP id x7759AXH085977; Tue, 6 Aug 2019 22:09:10 -0700 (PDT) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: (from freebsd-rwg@localhost) by gndrsh.dnsmgr.net (8.13.3/8.13.3/Submit) id x77599mf085976; Tue, 6 Aug 2019 22:09:09 -0700 (PDT) (envelope-from freebsd-rwg) From: "Rodney W. Grimes" Message-Id: <201908070509.x77599mf085976@gndrsh.dnsmgr.net> Subject: Re: amazonaws In-Reply-To: <201908070459.x774xLDT085942@gndrsh.dnsmgr.net> To: "Rodney W. Grimes" Date: Tue, 6 Aug 2019 22:09:09 -0700 (PDT) CC: Michael Sierchio , "ipfw@FreeBSD.org" , starikarp@dismail.de X-Mailer: ELM [version 2.4ME+ PL121h (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII X-Rspamd-Queue-Id: 463KL50RBFz4F6Y X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of freebsd-rwg@gndrsh.dnsmgr.net has no SPF policy when checking 69.59.192.140) smtp.mailfrom=freebsd-rwg@gndrsh.dnsmgr.net X-Spamd-Result: default: False [0.86 / 15.00]; ARC_NA(0.00)[]; TO_DN_EQ_ADDR_SOME(0.00)[]; NEURAL_HAM_MEDIUM(-0.08)[-0.083,0]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; TO_DN_SOME(0.00)[]; NEURAL_HAM_LONG(-0.48)[-0.476,0]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; DMARC_NA(0.00)[dnsmgr.net]; AUTH_NA(1.00)[]; NEURAL_SPAM_SHORT(0.48)[0.478,0]; TO_MATCH_ENVRCPT_SOME(0.00)[]; R_SPF_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:13868, ipnet:69.59.192.0/19, country:US]; MID_RHS_MATCH_FROM(0.00)[]; IP_SCORE(0.04)[ip: (0.15), ipnet: 69.59.192.0/19(0.07), asn: 13868(0.05), country: US(-0.05)]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 Aug 2019 05:09:18 -0000 > > On Tue, Aug 6, 2019 at 6:23 PM Rodney W. Grimes < > > freebsd-rwg@gndrsh.dnsmgr.net> wrote: > > > > > > Hi! > > > > > > > > Is it possible to bl;ock compute.amazonasws.com with ipfw firewall. I > > > > have a table with many amazonasws IPs but every time when I start > > > > Firefox it shows the new one (I am checkong with tcpdump). > > > > > > Since it is almost impossible to keep up with the IP's.... > > > > > > > This is not even remotely true. > > > > https://ip-ranges.amazonaws.com/ip-ranges.json ^^^ > > > > is kept up-to-date, and you can subscribe to an SNS topic to be notified of > > changes: > > That is ALL amazon address space, not the specific "compute.amazonasws.com" ^^^^ > address only. I do not see how you can derive the valid values of this > from the presented URL. Notice the small descrete non equal domain name? This is not even amazon aws at all, only made to look like it: Domain Name: amazonasws.com Registry Domain ID: 1907818131_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.psi-usa.info Registrar URL: https://www.psi-usa.info Updated Date: 2019-07-01T05:31:07Z Creation Date: 2015-03-06T19:40:26Z Registrar Registration Expiration Date: 2020-03-06T19:40:26Z Registrar: PSI-USA, Inc. dba Domain Robot Registrar IANA ID: 151 Registrar Abuse Contact Email: domain-abuse@psi-usa.info Registrar Abuse Contact Phone: +49.94159559482 Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited Registry Registrant ID: REDACTED FOR PRIVACY Registrant Name: REDACTED FOR PRIVACY Registrant Organization: HUSH IP LLC Registrant Street: REDACTED FOR PRIVACY Registrant City: REDACTED FOR PRIVACY Registrant State/Province: AZ Registrant Postal Code: REDACTED FOR PRIVACY Registrant Country: US Registrant Phone: REDACTED FOR PRIVACY Registrant Phone Ext: REDACTED FOR PRIVACY Registrant Fax: REDACTED FOR PRIVACY Registrant Fax Ext: REDACTED FOR PRIVACY Registrant Email: https://contact.domain-robot.org/amazonasws.com Registry Admin ID: REDACTED FOR PRIVACY Admin Name: REDACTED FOR PRIVACY Admin Organization: REDACTED FOR PRIVACY Admin Street: REDACTED FOR PRIVACY Admin City: REDACTED FOR PRIVACY Admin State/Province: REDACTED FOR PRIVACY Admin Postal Code: REDACTED FOR PRIVACY Admin Country: REDACTED FOR PRIVACY Admin Phone: REDACTED FOR PRIVACY Admin Phone Ext: REDACTED FOR PRIVACY Admin Fax: REDACTED FOR PRIVACY Admin Fax Ext: REDACTED FOR PRIVACY Admin Email: https://contact.domain-robot.org/amazonasws.com Registry Tech ID: REDACTED FOR PRIVACY Tech Name: REDACTED FOR PRIVACY Tech Organization: REDACTED FOR PRIVACY Tech Street: REDACTED FOR PRIVACY Tech City: REDACTED FOR PRIVACY Tech State/Province: REDACTED FOR PRIVACY Tech Postal Code: REDACTED FOR PRIVACY Tech Country: REDACTED FOR PRIVACY Tech Phone: REDACTED FOR PRIVACY Tech Phone Ext: REDACTED FOR PRIVACY Tech Fax: REDACTED FOR PRIVACY Tech Fax Ext: REDACTED FOR PRIVACY Tech Email: https://contact.domain-robot.org/amazonasws.com Name Server: ns1.parkingcrew.net Name Server: ns2.parkingcrew.net DNSSEC: unsigned URL of the ICANN WHOIS Data Problem Reporting System: https://wdprs.internic.net/ >>> Last update of WHOIS database: 2019-08-07T05:03:35Z <<< > > > arn:aws:sns:us-east-1:806199016981:AmazonIpSpaceChanged > > > > > > > > You could put the entire contents, or a portion of it, in an ipfw table and > > swap tables atomically upon change. > > Which would block ALL amazon hosted services, not just the specific > that is "compute". > > # drill compute.amazonasws.com > ;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 35891 > ;; flags: qr rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1 > ;; QUESTION SECTION: > ;; compute.amazonasws.com. IN A > > ;; ANSWER SECTION: > compute.amazonasws.com. 600 IN A 185.53.179.8 > > ;; AUTHORITY SECTION: > amazonasws.com. 172799 IN NS ns2.parkingcrew.net. > amazonasws.com. 172799 IN NS ns1.parkingcrew.net. > > ;; ADDITIONAL SECTION: > ns1.parkingcrew.net. 300 IN A 13.248.158.159 > > > Which I believe to be an advertising sprinkler used by all > sorts of stuff to spam your browser with a random ad page. Defanitly confirmed, each open of the url: http://compute.amazonasws.com takes you to a new spam ad > > > > -- > > > > "Well," Brahm? said, "even after ten thousand explanations, a fool is no > > wiser, but an intelligent person requires only two thousand five hundred." > > > > - The Mah?bh?rata > > _______________________________________________ > > freebsd-ipfw@freebsd.org mailing list > > https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > > To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org" > > > > > > -- > Rod Grimes rgrimes@freebsd.org > -- Rod Grimes rgrimes@freebsd.org From owner-freebsd-ipfw@freebsd.org Wed Aug 7 05:33:45 2019 Return-Path: Delivered-To: freebsd-ipfw@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 161EFBF4C1 for ; Wed, 7 Aug 2019 05:33:45 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 463KtJ5bCFz4G8g for ; Wed, 7 Aug 2019 05:33:44 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: by mailman.nyi.freebsd.org (Postfix) id BFCC0BF4C0; Wed, 7 Aug 2019 05:33:44 +0000 (UTC) Delivered-To: ipfw@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id BF8A8BF4BF for ; Wed, 7 Aug 2019 05:33:44 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: from gndrsh.dnsmgr.net (br1.CN84in.dnsmgr.net [69.59.192.140]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 463KtH5RJJz4G8f for ; Wed, 7 Aug 2019 05:33:43 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: from gndrsh.dnsmgr.net (localhost [127.0.0.1]) by gndrsh.dnsmgr.net (8.13.3/8.13.3) with ESMTP id x774xMXA085943; Tue, 6 Aug 2019 21:59:22 -0700 (PDT) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: (from freebsd-rwg@localhost) by gndrsh.dnsmgr.net (8.13.3/8.13.3/Submit) id x774xLDT085942; Tue, 6 Aug 2019 21:59:21 -0700 (PDT) (envelope-from freebsd-rwg) From: "Rodney W. Grimes" Message-Id: <201908070459.x774xLDT085942@gndrsh.dnsmgr.net> Subject: Re: amazonaws In-Reply-To: To: Michael Sierchio Date: Tue, 6 Aug 2019 21:59:21 -0700 (PDT) CC: "Rodney W. Grimes" , "ipfw@FreeBSD.org" , starikarp@dismail.de X-Mailer: ELM [version 2.4ME+ PL121h (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII X-Rspamd-Queue-Id: 463KtH5RJJz4G8f X-Spamd-Bar: ++++++++++ Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of freebsd-rwg@gndrsh.dnsmgr.net has no SPF policy when checking 69.59.192.140) smtp.mailfrom=freebsd-rwg@gndrsh.dnsmgr.net X-Spamd-Result: default: False [10.14 / 15.00]; ARC_NA(0.00)[]; TO_DN_EQ_ADDR_SOME(0.00)[]; GREYLIST(0.00)[pass,body]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; TO_DN_SOME(0.00)[]; NEURAL_SPAM_SHORT(0.93)[0.935,0]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; DMARC_NA(0.00)[dnsmgr.net]; AUTH_NA(1.00)[]; NEURAL_SPAM_MEDIUM(0.95)[0.951,0]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_SPAM_LONG(0.81)[0.807,0]; URIBL_SBL(6.50)[parkingcrew.net]; R_SPF_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:13868, ipnet:69.59.192.0/19, country:US]; MID_RHS_MATCH_FROM(0.00)[]; IP_SCORE(0.05)[ip: (0.15), ipnet: 69.59.192.0/19(0.08), asn: 13868(0.05), country: US(-0.05)]; RCVD_COUNT_TWO(0.00)[2] X-Spam: Yes X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 Aug 2019 05:33:45 -0000 > On Tue, Aug 6, 2019 at 6:23 PM Rodney W. Grimes < > freebsd-rwg@gndrsh.dnsmgr.net> wrote: > > > > Hi! > > > > > > Is it possible to bl;ock compute.amazonasws.com with ipfw firewall. I > > > have a table with many amazonasws IPs but every time when I start > > > Firefox it shows the new one (I am checkong with tcpdump). > > > > Since it is almost impossible to keep up with the IP's.... > > > > This is not even remotely true. > > https://ip-ranges.amazonaws.com/ip-ranges.json > > is kept up-to-date, and you can subscribe to an SNS topic to be notified of > changes: That is ALL amazon address space, not the specific "compute.amazonasws.com" address only. I do not see how you can derive the valid values of this from the presented URL. > arn:aws:sns:us-east-1:806199016981:AmazonIpSpaceChanged > > > > You could put the entire contents, or a portion of it, in an ipfw table and > swap tables atomically upon change. Which would block ALL amazon hosted services, not just the specific that is "compute". # drill compute.amazonasws.com ;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 35891 ;; flags: qr rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1 ;; QUESTION SECTION: ;; compute.amazonasws.com. IN A ;; ANSWER SECTION: compute.amazonasws.com. 600 IN A 185.53.179.8 ;; AUTHORITY SECTION: amazonasws.com. 172799 IN NS ns2.parkingcrew.net. amazonasws.com. 172799 IN NS ns1.parkingcrew.net. ;; ADDITIONAL SECTION: ns1.parkingcrew.net. 300 IN A 13.248.158.159 Which I believe to be an advertising sprinkler used by all sorts of stuff to spam your browser with a random ad page. > -- > > "Well," Brahm? said, "even after ten thousand explanations, a fool is no > wiser, but an intelligent person requires only two thousand five hundred." > > - The Mah?bh?rata > _______________________________________________ > freebsd-ipfw@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org" > > -- Rod Grimes rgrimes@freebsd.org From owner-freebsd-ipfw@freebsd.org Fri Aug 9 09:11:14 2019 Return-Path: Delivered-To: freebsd-ipfw@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 42781C3292 for ; Fri, 9 Aug 2019 09:11:14 +0000 (UTC) (envelope-from starikarp@dismail.de) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 464fcK6MZHz4HG0 for ; Fri, 9 Aug 2019 09:11:13 +0000 (UTC) (envelope-from starikarp@dismail.de) Received: by mailman.nyi.freebsd.org (Postfix) id DA7C1C3290; Fri, 9 Aug 2019 09:11:13 +0000 (UTC) Delivered-To: ipfw@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id DA43AC328F for ; Fri, 9 Aug 2019 09:11:13 +0000 (UTC) (envelope-from starikarp@dismail.de) Received: from mx1.dismail.de (mx1.dismail.de [78.46.223.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx1.dismail.de", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 464fcJ5BX6z4HFs for ; Fri, 9 Aug 2019 09:11:12 +0000 (UTC) (envelope-from starikarp@dismail.de) Received: from dismail.de (localhost [127.0.0.1]) by dismail.de (OpenSMTPD) with ESMTP id 49ad3807; Fri, 9 Aug 2019 11:11:09 +0200 (CEST) Received: from smtp1.dismail.de (10.240.26.11 [10.240.26.11]) by mx1.dismail.de (OpenSMTPD) with ESMTP id 093aead8; Fri, 9 Aug 2019 11:11:09 +0200 (CEST) Received: from smtp1.dismail.de (localhost [127.0.0.1]) by smtp1.dismail.de (OpenSMTPD) with ESMTP id d0afe0a7; Fri, 9 Aug 2019 11:11:09 +0200 (CEST) Received: by dismail.de (OpenSMTPD) with ESMTPSA id a4ee8283 (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO); Fri, 9 Aug 2019 11:11:08 +0200 (CEST) Date: Fri, 9 Aug 2019 05:11:02 -0400 From: To: Michael Sierchio Cc: "Rodney W. Grimes" , "ipfw@FreeBSD.org" Subject: Re: amazonaws Message-ID: <20190809051102.7127a793@dismail.de> In-Reply-To: References: <20190806175506.7757e863@dismail.de> <201908070122.x771MUD9085112@gndrsh.dnsmgr.net> X-Mailer: Claws Mail 3.17.4 (GTK+ 2.24.32; amd64-portbld-freebsd12.0) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Rspamd-Queue-Id: 464fcJ5BX6z4HFs X-Spamd-Bar: ------- X-Spamd-Result: default: False [-7.85 / 15.00]; ARC_NA(0.00)[]; TO_DN_EQ_ADDR_SOME(0.00)[]; R_DKIM_ALLOW(-0.20)[dismail.de:s=201701]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:78.46.223.134]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; DWL_DNSWL_LOW(-1.00)[dismail.de.dwl.dnswl.org : 127.0.5.1]; RCVD_COUNT_THREE(0.00)[4]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[dismail.de:+]; DMARC_POLICY_ALLOW(-0.50)[dismail.de,reject]; FROM_NO_DN(0.00)[]; NEURAL_HAM_SHORT(-0.99)[-0.995,0]; IP_SCORE(-2.76)[ip: (-9.91), ipnet: 78.46.0.0/15(-2.05), asn: 24940(-1.82), country: DE(-0.01)]; RCVD_IN_DNSWL_LOW(-0.10)[134.223.46.78.list.dnswl.org : 127.0.5.1]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:24940, ipnet:78.46.0.0/15, country:DE]; MID_RHS_MATCH_FROM(0.00)[] X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Aug 2019 09:11:14 -0000 On Tue, 6 Aug 2019 18:42:29 -0700 Michael Sierchio wrote: > On Tue, Aug 6, 2019 at 6:23 PM Rodney W. Grimes < > freebsd-rwg@gndrsh.dnsmgr.net> wrote: >=20 > > > Hi! > > > > > > Is it possible to bl;ock compute.amazonasws.com with ipfw > > > firewall. I have a table with many amazonasws IPs but every time > > > when I start Firefox it shows the new one (I am checkong with > > > tcpdump). > > > > Since it is almost impossible to keep up with the IP's.... > > >=20 > This is not even remotely true. >=20 > https://ip-ranges.amazonaws.com/ip-ranges.json >=20 > is kept up-to-date, and you can subscribe to an SNS topic to be > notified of changes: >=20 > arn:aws:sns:us-east-1:806199016981:AmazonIpSpaceChanged >=20 >=20 >=20 > You could put the entire contents, or a portion of it, in an ipfw > table and swap tables atomically upon change. >=20 I did try but there are not just compute.amazonasws.com as Rodney W. Grimesand wrote and with all blockings come more problems. --=20 =E2=80=9CHungry man, reach for the book: it is a weapon.=E2=80=9D=20 =E2=80=95 Bertolt Brecht From owner-freebsd-ipfw@freebsd.org Fri Aug 9 16:48:45 2019 Return-Path: Delivered-To: freebsd-ipfw@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 21F6ACCE54 for ; Fri, 9 Aug 2019 16:48:45 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: from mailman.nyi.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 464rmD5rmNz3HN9 for ; Fri, 9 Aug 2019 16:48:44 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: by mailman.nyi.freebsd.org (Postfix) id C6D6FCCE53; Fri, 9 Aug 2019 16:48:44 +0000 (UTC) Delivered-To: ipfw@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C6983CCE52 for ; Fri, 9 Aug 2019 16:48:44 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: from gndrsh.dnsmgr.net (br1.CN84in.dnsmgr.net [69.59.192.140]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 464rmB5h2vz3HN8 for ; Fri, 9 Aug 2019 16:48:42 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: from gndrsh.dnsmgr.net (localhost [127.0.0.1]) by gndrsh.dnsmgr.net (8.13.3/8.13.3) with ESMTP id x79GmY3L098261; Fri, 9 Aug 2019 09:48:34 -0700 (PDT) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: (from freebsd-rwg@localhost) by gndrsh.dnsmgr.net (8.13.3/8.13.3/Submit) id x79GmYbE098260; Fri, 9 Aug 2019 09:48:34 -0700 (PDT) (envelope-from freebsd-rwg) From: "Rodney W. Grimes" Message-Id: <201908091648.x79GmYbE098260@gndrsh.dnsmgr.net> Subject: Re: amazonaws In-Reply-To: <20190809051102.7127a793@dismail.de> To: starikarp@dismail.de Date: Fri, 9 Aug 2019 09:48:34 -0700 (PDT) CC: Michael Sierchio , "Rodney W. Grimes" , "ipfw@FreeBSD.org" X-Mailer: ELM [version 2.4ME+ PL121h (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII X-Rspamd-Queue-Id: 464rmB5h2vz3HN8 X-Spamd-Bar: + Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of freebsd-rwg@gndrsh.dnsmgr.net has no SPF policy when checking 69.59.192.140) smtp.mailfrom=freebsd-rwg@gndrsh.dnsmgr.net X-Spamd-Result: default: False [1.72 / 15.00]; ARC_NA(0.00)[]; TO_DN_EQ_ADDR_SOME(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; TO_DN_SOME(0.00)[]; NEURAL_SPAM_SHORT(0.57)[0.570,0]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; DMARC_NA(0.00)[dnsmgr.net]; AUTH_NA(1.00)[]; NEURAL_SPAM_MEDIUM(0.19)[0.194,0]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_SPAM_LONG(0.01)[0.012,0]; R_SPF_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:13868, ipnet:69.59.192.0/19, country:US]; MID_RHS_MATCH_FROM(0.00)[]; IP_SCORE(0.05)[ip: (0.15), ipnet: 69.59.192.0/19(0.08), asn: 13868(0.05), country: US(-0.05)]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Aug 2019 16:48:45 -0000 > On Tue, 6 Aug 2019 18:42:29 -0700 > Michael Sierchio wrote: > > > On Tue, Aug 6, 2019 at 6:23 PM Rodney W. Grimes < > > freebsd-rwg@gndrsh.dnsmgr.net> wrote: > > > > > > Hi! > > > > > > > > Is it possible to bl;ock compute.amazonasws.com with ipfw > > > > firewall. I have a table with many amazonasws IPs but every time > > > > when I start Firefox it shows the new one (I am checkong with > > > > tcpdump). > > > > > > Since it is almost impossible to keep up with the IP's.... > > > > > > > This is not even remotely true. > > > > https://ip-ranges.amazonaws.com/ip-ranges.json > > > > is kept up-to-date, and you can subscribe to an SNS topic to be > > notified of changes: > > > > arn:aws:sns:us-east-1:806199016981:AmazonIpSpaceChanged > > > > > > > > You could put the entire contents, or a portion of it, in an ipfw > > table and swap tables atomically upon change. > > > > I did try but there are not just compute.amazonasws.com as Rodney W. > Grimesand wrote and with all blockings come more problems. This is a spammer, scrapper, abuser, probably the only effective means of controlling some of it is use of RBL or other blacklists. Another would be amazon security should be prodded into taking trademark issue, but the most that could happen there is the domain name revoked, and the spammer just goes on to another high profile domain name like microsaft.com # host microsaft.com microsaft.com has address 93.191.156.32 microsaft.com mail is handled by 10 mx.unoeuro.com. Welcome to the free world of anyone can be an abuser :-( -- Rod Grimes rgrimes@freebsd.org