← Back to context

Comment by gonight

15 hours ago

I recently had to build a system to drop inbound traffic originating from cloudflare ASNs to prevent bad actors using WARP proxies, no legitimate cloudflare traffic usecases for anything inbound. Getting increasingly sick of cloudflare.

I do something similar seems to get the job done.

    for BadActor in $(curl -A Mozilla "https://api.cloudflare.com/local-ip-ranges.csv"|grep -Ev "::|/32"|awk -F "," '{print $1}'|sort | uniq); do ip route add blackhole "${BadActor}" 2>/dev/null;done

Something similar can be done with AWS EC2

    https://ip-ranges.amazonaws.com/ip-ranges.json