How to configure Spamhaus ASN-DROP ?

hushcoden · May 20, 2020, 11:49:33 PM

Would anybody know how to configure the Spamhaus ASN DROP List ?

I can see in the OPNsense documentation the instructions for both DROP and EDROP, but not for the ASN DROP list...

Tia.

hushcoden · June 03, 2020, 11:09:55 PM

Or can someone confirm if this is not possible with OPNsense?

Tia.

AdSchellevis · June 04, 2020, 11:31:03 AM

ASN lists are not supported, you need to map them to ip ranges first and publish the list. OPNsense (currently) does not resolve ASN entries, in case of the Spamhaus list I don't expect many of those entries will resolve to anything at the moment ( e.g. https://mxtoolbox.com/SuperTool.aspx?action=asn:AS612&newAppVersion=1).

Although I'm not very familiar with these specific lists, I expect their intended usage seems more related to dynamic routing / BGP to deny access to publish new routes.

Best regards,

Ad

hushcoden · June 04, 2020, 07:56:55 PM

Ok, thanks.

How to configure Spamhaus ASN-DROP ?

hushcoden

May 20, 2020, 11:49:33 PM

hushcoden

June 03, 2020, 11:09:55 PM #1

AdSchellevis

June 04, 2020, 11:31:03 AM #2

hushcoden

June 04, 2020, 07:56:55 PM #3