September 1, 2018

Ubuntu Firewall - Filter by ASN

I use Uncomplicated Firewall (UFW). It's a friendly front end to iptables for people with simple needs. Additional information here. I configure SSH to use keys only (no password authentication); however, I also like to restrict by IP to reduce the load on fail2ban. With this in mind, I needed to find a way of whitelisting all IPs used by my ISP.

In order to do this I use a handy tool from Hurricane Electric:

https://bgp.he.net/AS48943#_prefixes

You can simply replace the AS number with your ISP's. You can find this out by doing a whois on the IP address. Although the description will change, the AS number is always the same in my experience.

I simply copied the prefix column, pasted it as plain text into Excel and then used the following formula:

=CONCATENATE("ufw allow from ",A1, " to any port 22")

Finally I inserted the resulting lines into a bash script and ran it.
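The same step can be done without Excel. The script below is an added example, not part of the original workflow: it reads the pasted prefix column, drops anything that is not a well-formed CIDR (headers, duplicates, stray text) and prints the same `ufw allow` lines for review. The function names `is_cidr` and `gen_rules` and the sample prefixes are constructed for illustration.

```shell
#!/bin/sh
# Added example: build the ufw rules from a pasted prefix list. Each line is
# validated first, because the output is run as root and pasted web content
# should never reach the shell unchecked.

# Constructed sample (RFC 5737/3849 documentation ranges, not a real ISP).
SAMPLE_PREFIXES='Prefix
192.0.2.0/24
198.51.100.0/24
2001:db8::/32
203.0.113.0/33
198.51.100.0/24
192.0.2.7/32; echo injected'

# Return 0 only for a.b.c.d/0-32, or hex-and-colon text with /0-128.
# The IPv6 check is deliberately loose: it only guarantees a safe charset.
is_cidr() {
    addr=${1%/*}; len=${1##*/}
    case $1 in */*) ;; *) return 1 ;; esac
    case $len in ''|*[!0-9]*|????*) return 1 ;; esac
    case $addr in
        *[!0-9.]*)
            case $addr in *[!0-9A-Fa-f:]*) return 1 ;; *:*) ;; *) return 1 ;; esac
            [ "$len" -le 128 ] ;;
        .*|*.|*..*) return 1 ;;
        *)
            old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
            [ $# -eq 4 ] || return 1
            for o in "$@"; do
                case $o in ????*) return 1 ;; esac
                [ "$o" -le 255 ] || return 1
            done
            [ "$len" -le 32 ] ;;
    esac
}

# Read prefixes on stdin; print one ufw command per unique valid prefix.
gen_rules() {
    tr -d '\r' | awk '{gsub(/^[ \t]+|[ \t]+$/, "")} NF && !seen[$0]++' |
    while IFS= read -r p; do
        if is_cidr "$p"; then
            printf 'ufw allow from %s to any port 22\n' "$p"
        else
            printf 'skipped: %s\n' "$p" >&2
        fi
    done
}

# Prints the rules for review; nothing here calls ufw itself.
printf '%s\n' "$SAMPLE_PREFIXES" | gen_rules
```

Rejected lines are reported on stderr, so redirecting stdout to a file leaves only the rules to inspect before running them.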
