Date: Tue, 6 Aug 2019 18:42:29 -0700 From: Michael Sierchio <kudzu@tenebras.com> To: "Rodney W. Grimes" <freebsd-rwg@gndrsh.dnsmgr.net> Cc: starikarp@dismail.de, "ipfw@FreeBSD.org" <ipfw@freebsd.org> Subject: Re: amazonaws Message-ID: <CAHu1Y70fb1h2HSE8VxXknG=owZtUGr6YQsQXz3_X2d8b8dUoaw@mail.gmail.com> In-Reply-To: <201908070122.x771MUD9085112@gndrsh.dnsmgr.net> References: <20190806175506.7757e863@dismail.de> <201908070122.x771MUD9085112@gndrsh.dnsmgr.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Aug 6, 2019 at 6:23 PM Rodney W. Grimes < freebsd-rwg@gndrsh.dnsmgr.net> wrote: > > Hi! > > > > Is it possible to bl;ock compute.amazonasws.com with ipfw firewall. I > > have a table with many amazonasws IPs but every time when I start > > Firefox it shows the new one (I am checkong with tcpdump). > > Since it is almost impossible to keep up with the IP's.... > This is not even remotely true. https://ip-ranges.amazonaws.com/ip-ranges.json is kept up-to-date, and you can subscribe to an SNS topic to be notified of changes: arn:aws:sns:us-east-1:806199016981:AmazonIpSpaceChanged You could put the entire contents, or a portion of it, in an ipfw table and swap tables atomically upon change. --=20 "Well," Brahm=C4=81 said, "even after ten thousand explanations, a fool is = no wiser, but an intelligent person requires only two thousand five hundred." - The Mah=C4=81bh=C4=81rata
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAHu1Y70fb1h2HSE8VxXknG=owZtUGr6YQsQXz3_X2d8b8dUoaw>