Does anyone have a list of A blocks used in the US? (or A block used outside the US)

abefroman · 02-13-2012, 12:26 PM

Does anyone have a list of A blocks used in the US? (or A block used outside the US)

I found listing by country but the list is really long, and summarizing into A block would be a lot shorter.

I understand there may be some overlap.

I have a server in particular I want to restrict to US only IPs (I know someone can still use a proxy).

TIA

Noway2 · 02-13-2012, 01:07 PM

To ask a potentially stupid question, what do you mean by A block? Do you mean Autonomous System Numbers?

You are correct that the ipV4 address space is an absolute mess. The best I have found are some country code lists, like you mention, but these change frequently. For your application, you might be able to make use of the GEOIP, which from a quick search seems to have some API's available for it.

repo · 02-13-2012, 01:13 PM

Quote:

I have a server in particular I want to restrict to US only IPs (I know someone can still use a proxy).

You could use iptables
http://www.linksysinfo.org/index.php...ptables.35548/

Kind regards

abefroman · 02-13-2012, 02:37 PM

Hi, no, I mean Class A

I came up with the following, which I know is not accurate:

Code:

23.0.0.0/8
142.0.0.0/8
171.0.0.0/8
196.0.0.0/8
99.0.0.0/8
107.0.0.0/8
200.0.0.0/8
100.0.0.0/8
97.0.0.0/8
154.0.0.0/8
163.0.0.0/8
153.0.0.0/8
75.0.0.0/8
166.0.0.0/8
169.0.0.0/8
71.0.0.0/8
174.0.0.0/8
160.0.0.0/8
151.0.0.0/8
98.0.0.0/8
136.0.0.0/8
141.0.0.0/8
108.0.0.0/8
139.0.0.0/8
150.0.0.0/8
50.0.0.0/8
184.0.0.0/8
157.0.0.0/8
164.0.0.0/8
148.0.0.0/8
156.0.0.0/8
70.0.0.0/8
76.0.0.0/8
152.0.0.0/8
63.0.0.0/8
135.0.0.0/8
162.0.0.0/8
96.0.0.0/8
168.0.0.0/8
146.0.0.0/8
132.0.0.0/8
147.0.0.0/8
130.0.0.0/8
161.0.0.0/8
143.0.0.0/8
158.0.0.0/8
134.0.0.0/8
138.0.0.0/8
159.0.0.0/8
165.0.0.0/8
149.0.0.0/8
137.0.0.0/8
140.0.0.0/8
129.0.0.0/8
155.0.0.0/8
144.0.0.0/8
167.0.0.0/8
65.0.0.0/8
128.0.0.0/8
131.0.0.0/8
170.0.0.0/8
68.0.0.0/8
173.0.0.0/8
24.0.0.0/8
72.0.0.0/8
67.0.0.0/8
207.0.0.0/8
69.0.0.0/8
74.0.0.0/8
209.0.0.0/8
64.0.0.0/8
66.0.0.0/8
206.0.0.0/8
216.0.0.0/8
205.0.0.0/8
208.0.0.0/8
204.0.0.0/8
199.0.0.0/8
198.0.0.0/8
192.0.0.0/8

lithos · 02-13-2012, 03:29 PM

Hi,

so is this country IP blocks too long?

I selected United states and got a list with 41000 lines (attachment - rename pdf to ZIP)
which I think it may be really too much for a firewall / or maybe not, I don't know about limits in IPTABLEs.

good luck

abefroman · 02-13-2012, 04:08 PM

Quote:

Originally Posted by lithos

Hi,

so is this country IP blocks too long?

I selected United states and got a list with 41000 lines (attachment - rename pdf to ZIP)
which I think it may be really too much for a firewall / or maybe not, I don't know about limits in IPTABLEs.

good luck

Yes, Iptables was giving an error with that many lines, plus it took 7+ minutes to restart before I stopped it.

unSpawn · 02-13-2012, 04:35 PM

Quote:

Originally Posted by abefroman

Yes, Iptables was giving an error with that many lines, plus it took 7+ minutes to restart before I stopped it.

Unnecessary if you use ipset (iphash) or the iptables recent module.

abefroman · 02-13-2012, 04:38 PM

Quote:

Originally Posted by unSpawn

Unnecessary if you use ipset (iphash) or the iptables recent module.

Actually I use APF http://rfxnetworks.com, so the list length might be OK for iptables but not APF. So meant to restart apf takes that long.