On Fri, 25 Apr 2003, Mike Vanecek wrote: > > I currently do > > 51 3060 LOG all -- * * 203.0.0.0/8 0.0.0.0/0 > LOG flags 0 level 7 prefix `Asia3 ' > 51 3060 DROP all -- * * 203.0.0.0/8 0.0.0.0/0 > > Does a list that allows one to differentiate between .cn and .au exist somewhere? > > Or, maybe I could just accept the .au and .nz and then drop the rest with the > above. So, what is the range for .au and .nz? Thanks to APNIC issueing all over the place /8's are impossible by countries in this region, but to take out cn and br br: 200.0.0.0/8 66.252.0.0/19 64.110.0.0/17 64.110.128.0/18 cn: 202.80.0.0/12 202.96.0.0/11 202.128.0.0/14 202.200.0.0/14 203.93.9.0/20 203.93.16.0/20 203.95.0.0/22 203.192.0.0/19 203.208.0.0/20 203.208.16.0/22 218.1.1.1/8 kr: 210.124.0.0/14 This list is extremely FAR FAR FAR from complete, but does the job if you've got time with grep and sort on teh below file you can enhance it. For a complete list of IP ranges allocated/reserved in hte APNIC region ftp://ftp.auschat.net/pub/networks/apnic.txt -- -Res lns01-wick-bne> ipfirewall addb reject all from aol.com to 0