Date: Fri, 9 Aug 2019 05:11:02 -0400 From: <starikarp@dismail.de> To: Michael Sierchio <kudzu@tenebras.com> Cc: "Rodney W. Grimes" <freebsd-rwg@gndrsh.dnsmgr.net>, "ipfw@FreeBSD.org" <ipfw@freebsd.org> Subject: Re: amazonaws Message-ID: <20190809051102.7127a793@dismail.de> In-Reply-To: <CAHu1Y70fb1h2HSE8VxXknG=owZtUGr6YQsQXz3_X2d8b8dUoaw@mail.gmail.com> References: <20190806175506.7757e863@dismail.de> <201908070122.x771MUD9085112@gndrsh.dnsmgr.net> <CAHu1Y70fb1h2HSE8VxXknG=owZtUGr6YQsQXz3_X2d8b8dUoaw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 6 Aug 2019 18:42:29 -0700 Michael Sierchio <kudzu@tenebras.com> wrote: > On Tue, Aug 6, 2019 at 6:23 PM Rodney W. Grimes < > freebsd-rwg@gndrsh.dnsmgr.net> wrote: >=20 > > > Hi! > > > > > > Is it possible to bl;ock compute.amazonasws.com with ipfw > > > firewall. I have a table with many amazonasws IPs but every time > > > when I start Firefox it shows the new one (I am checkong with > > > tcpdump). > > > > Since it is almost impossible to keep up with the IP's.... > > >=20 > This is not even remotely true. >=20 > https://ip-ranges.amazonaws.com/ip-ranges.json >=20 > is kept up-to-date, and you can subscribe to an SNS topic to be > notified of changes: >=20 > arn:aws:sns:us-east-1:806199016981:AmazonIpSpaceChanged >=20 >=20 >=20 > You could put the entire contents, or a portion of it, in an ipfw > table and swap tables atomically upon change. >=20 I did try but there are not just compute.amazonasws.com as Rodney W. Grimesand wrote and with all blockings come more problems. --=20 =E2=80=9CHungry man, reach for the book: it is a weapon.=E2=80=9D=20 =E2=80=95 Bertolt Brecht
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20190809051102.7127a793>