Yeah, so if you decided to go down the path that Bruce suggested which was to allow only source addresses from within New Zealand networks to do normal port 80 web traffic, then the first place I would look is the BGP prefix lists on the New Zealand's primary peering point, and worry about the rest later if that becomes a problem. As I said, this is a good start...
-----Original Message----- From: Richard Stevenson [mailto:richard(a)endace.com] Sent: Tuesday, 27 April 2004 10:09 To: Waikato Linux Users Group Subject: RE: [wlug] iptables question
On Tue, 27 Apr 2004, Lindsay Druett wrote:
Dunno... Who has that one ?
222/8 is spread all over APNIC space... KDDI (in Japan) has 222.0.0.0/12, if I calculate my bits correctly.
Cheers
R
Who knows, everything under my administrative control was in there, so I'm happy with it...
-----Original Message----- From: Drew Broadley [mailto:drew(a)corrupt.co.nz] Sent: Tuesday, 27 April 2004 09:50 To: 'Waikato Linux Users Group' Subject: RE: [wlug] iptables question
Here you go... Auckland Peering Exchnage's peering list would be a good start...
<prefix-list>
Where is 222/8 ? :)
-- Richard Stevenson _______________________________________________ wlug mailing list | wlug(a)list.waikato.ac.nz Unsubscribe: http://list.waikato.ac.nz/mailman/listinfo/wlug
participants (1)
-
Lindsay Druett