How do I block incoming traffic from Amazon AWS IPs?

ubuntu amazon-web-services linux-networking
11,825

Solution 1

I used the information provided by alienth to create a bash script to block all AWS traffic. You can get it on GitHub: https://github.com/corbanworks/aws-blocker

Solution 2

You can create a new iptables chain which can be separately flushed and refreshed.

$ iptables -N AWS
$ iptables -I INPUT 1 -j AWS

From here, just add all of the IP ranges to the AWS chain. To refresh the rules, simply iptables -F AWS and re-populate. For example:

$ iptables -F AWS
$ iptables -A AWS -s 50.19.0.0/16 -j REJECT

If you want to automate this, one thing you'll have to figure out is how trustworthy the IP data provided by AWS is. When pulling the JSON file make sure that you validate the SSL cert properly. There is still a possibility that AWS could release a malformed file, resulting in an automated iptables script blocking things you don't want to block.

Share:
11,825

Related videos on Youtube

zulugrid
Author by

zulugrid

Updated on September 18, 2022

Comments

  • zulugrid
    zulugrid almost 2 years

    I'd like to block ALL incoming traffic from Amazon AWS IPs.

    They publish a list of their IP addresses in json format here: http://docs.aws.amazon.com/general/latest/gr/aws-ip-ranges.html

    I have a dedicated server running Ubuntu 14.04 LTS.

    Is there a way to do this with iptables? Could the rules be grouped somehow so they could be replaced periodically without affecting non-related rules? Or perhaps there is some other, better way to approach this?

    Thanks!

    • bobmagoo
      bobmagoo over 9 years
      Why do you want to block all traffic from AWS?
    • zulugrid
      zulugrid over 9 years
      @bobmagoo, I'm getting massive amounts of screen scraping traffic from AWS. None of my users have a legitimate reason to access my server from an AWS IP.
    • bobmagoo
      bobmagoo over 9 years
    • zulugrid
      zulugrid over 9 years
      Reporting abuse works great for heavy scrapers, but doesn't do anything for low-volume scrapers. I recognize that I can't stop scrapers altogether, but I can make things harder on them.
    • bobmagoo
      bobmagoo over 9 years
      It's still against their AUP, the volume of the badness doesn't factor in to that.
    • zulugrid
      zulugrid over 9 years
      Doesn't matter what their AUP says if they don't enforce it for low-volume offenders.
    • bobmagoo
      bobmagoo over 9 years
      They told you that?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Disabling the firewall in Ubuntu on an Amazon EC2 instance
No space left on device
Disable pm2 log creation in node js
How to activate python virtualenv through shell script?
How to avoid "Welcome to emergency mode!"
/dev/xvda1 full , though there is no temporary files
.bash_history does not exist
401 error when accessing Plex Media Server
Why does Amazon Video works on Google Chrome but not on chromium (Ubuntu)?
EC2 ubuntu AMI ssh password default without key