Hacker News

gonight today at 6:30 PM

I recently had to build a system to drop inbound traffic originating from Cloudflare ASNs to prevent bad actors using WARP proxies; no legitimate Cloudflare traffic use cases for anything inbound. Getting increasingly sick of Cloudflare.


Replies

Bender today at 9:14 PM

I do something similar; seems to get the job done.

    # Blackhole every IPv4 range in the list, skipping IPv6 ("::") and /32 entries
    for BadActor in $(curl -A Mozilla "https://api.cloudflare.com/local-ip-ranges.csv" | grep -Ev "::|/32" | awk -F "," '{print $1}' | sort | uniq); do
        ip route add blackhole "${BadActor}" 2>/dev/null
    done

Something similar can be done with AWS EC2.

    https://ip-ranges.amazonaws.com/ip-ranges.json
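
The AWS variant mentioned above, as an added example that is not part of the thread: it filters an `ip-ranges.json` document to one service's IPv4 prefixes, merges adjacent ranges, and returns the `ip route add blackhole` commands for review instead of running them. The function name and the sample document (documentation address blocks, not real AWS prefixes) are constructed for illustration; like the one-liner above, it ignores IPv6 and /32 entries.

```python
import ipaddress
import json

# Constructed sample in the layout of ip-ranges.json. The addresses are
# RFC 5737 / RFC 3849 documentation blocks, not real AWS prefixes.
SAMPLE = """
{
  "syncToken": "0",
  "createDate": "2000-01-01-00-00-00",
  "prefixes": [
    {"ip_prefix": "198.51.100.0/25",   "region": "us-east-1", "service": "AMAZON"},
    {"ip_prefix": "198.51.100.0/25",   "region": "us-east-1", "service": "EC2"},
    {"ip_prefix": "198.51.100.128/25", "region": "us-east-1", "service": "EC2"},
    {"ip_prefix": "203.0.113.0/24",    "region": "eu-west-1", "service": "S3"},
    {"ip_prefix": "192.0.2.7/32",      "region": "eu-west-1", "service": "EC2"},
    {"ip_prefix": "not-a-prefix",      "region": "eu-west-1", "service": "EC2"}
  ],
  "ipv6_prefixes": [
    {"ipv6_prefix": "2001:db8::/32", "region": "us-east-1", "service": "EC2"}
  ]
}
"""

def blackhole_commands(doc, service="EC2", skip_host_routes=True):
    """Return 'ip route add blackhole' commands for one service's IPv4 ranges."""
    nets = []
    # Only the IPv4 list is read; "ipv6_prefixes" is deliberately ignored.
    for entry in json.loads(doc).get("prefixes", []):
        if entry.get("service") != service:
            continue
        try:
            net = ipaddress.ip_network(entry["ip_prefix"], strict=True)
        except (KeyError, ValueError):
            continue  # malformed entry: skip it rather than route on bad input
        if skip_host_routes and net.prefixlen == 32:
            continue
        nets.append(net)
    # Merge duplicates and adjacent ranges so the routing table stays small.
    merged = ipaddress.collapse_addresses(nets)
    return [f"ip route add blackhole {n}" for n in merged]

if __name__ == "__main__":
    # Print the commands for review; nothing is applied to the routing table.
    for cmd in blackhole_commands(SAMPLE):
        print(cmd)
```
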