[c-nsp] Dropping traffic based on source address
Brad Gould
bradley at internode.com.au
Thu Jun 30 22:17:11 EDT 2005
Hi!
We have a (large) list of spamming evil hosts/networks we would like
to block from our mail servers. (~500k entries)
The list is being imported into the routing table via BGP, and we can
drop the return path traffic, using PBR. But the initial SYN traffic is
getting through to the servers.
I'd like to drop the inbound traffic, based on its source address, but I
can't construct a sensible ACL - there are too many entries (around 500k).
But can I match based on known routes in the routing table, and apply
that on the way into the network?
Any ideas?
Thanks
Brad
--
Brad Gould, Network Engineer
Internode
PO Box 284, Rundle Mall 5000
Level 3, 132 Grenfell Street, Adelaide 5000
P: 08 8228 2999 F: 08 8235 6999
bradley at internode.com.au; http://www.internode.on.net/