[87096] in North American Network Operators' Group
Re: blocking unallocated subnets
daemon@ATHENA.MIT.EDU (Randy Bush)
Fri Dec 2 15:11:17 2005
From: Randy Bush <randy@psg.com>
Date: Fri, 2 Dec 2005 10:10:29 -1000
To: Rob Thomas <robt@cymru.com>
Cc: nanog@merit.edu
Errors-To: owner-nanog@merit.edu
> Another option is to automate the updates and leave the hard work
> to us!
the op was discussing port-specific filtering for dns only. could
you explain how i can automake my /etc/ipfw.rules leaving the hard
work to you? e.g.
add deny udp from 203.49.118.0/24 to any 53
randy
