Recevied by private mail.
Date: Thu, 7 Mar 2019 00:49:16 +0000 (UTC)
"""
New feature: In thinking about various blocking of IP address groups,
I came to the conclusion that blocking by ASN may be a good
choice. Therefore, taking the lead of the geoip match module,
attached is what I have for an ASN matching module. I assume that the
support files generated will be the same format as those used for the
geoip match. [...]
I bet someone might want the ASNs on the same rule to be sorted in
numerical order. However, geoip didn't do that with country names, so
I didn't bother.
Matching by ASN may be "better" than matching by an ipset of all one
entities IP blocks (assuming that all of an entity's ASNs are known
if multiples exist). Of course, I would like to see this module make
it into your next release (3.3). ;-)
"""
Date: Sun, 10 Mar 2019 06:45:11 +0000 (UTC)
"""
I think I got everything including the documentation and build script
this time. [...]
I noticed that some other people tried to write similar patches (saw
one on github), but those have things that were missed.
I'm running the module on my colocated server now, and it's working
well. Already blocked ASN 4134 (a botnet-infected Chinese net) a few
hundred times in the first hour.
"""
projects / thirdparty / xtables-addons.git / commit
