Skip to content

Phils Blog and Stuff

TELECOMS. VIRTUALIZATION. IT. CODING. and more…

Menu
  • Home
  • Resources
    • Subnet Mask Cheat Sheet
    • Easy Dmarc+Email
    • MX Tool Box
    • LOAD BALANCING & SRE
  • SHOP
  • SOLUTIONS
  • SERVICES
  • Contact Me
Menu

Blocking Nasty IP Sources With TEAM CYMRU BOGONS and SpamHaus

Posted on 08/03/202308/03/2023 by Phil

Cisco IOS BGP Configuration

router bgp XXXXX
neighbor xxx.xxx.xxx.xxx remote-as 65332
neighbor xxx.xxx.xxx.xxx description "TEAM CYMRU BOGONS v4 1"
neighbor xxx.xxx.xxx.xxx ebgp-multihop 255
neighbor xxx.xxx.xxx.xxx password XXXXXXXXX
neighbor xxx.xxx.xxx.xxx version 4
neighbor xxx.xxx.xxx.xxx remote-as 65332
neighbor xxx.xxx.xxx.xxx description "TEAM CYMRU BOGONS v4 2"
neighbor xxx.xxx.xxx.xxx ebgp-multihop 255
neighbor xxx.xxx.xxx.xxx password XXXXXXXXX
neighbor xxx.xxx.xxx.xxx version 4
!
address-family ipv4
neighbor xxx.xxx.xxx.xxx activate
neighbor xxx.xxx.xxx.xxx remove-private-as
neighbor xxx.xxx.xxx.xxx soft-reconfiguration inbound
neighbor xxx.xxx.xxx.xxx prefix-list CYMRUBOGONS-OUT-v4 out
neighbor xxx.xxx.xxx.xxx route-map CYMRUBOGONS-V4 in
neighbor xxx.xxx.xxx.xxx activate
neighbor xxx.xxx.xxx.xxx remove-private-as
neighbor xxx.xxx.xxx.xxx soft-reconfiguration inbound
neighbor xxx.xxx.xxx.xxx prefix-list CYMRUBOGONS-OUT-v4 out
neighbor xxx.xxx.xxx.xxx route-map CYMRUBOGONS-V4 in
exit-address-family
!
ip prefix-list CYMRUBOGONS-OUT-v4 deny 0.0.0.0/0 le 32
!
route-map CYMRUBOGONS-V4 permit 10
description "TEAM CYMRU IPv4 BOGONS"
match community 100
set ip next-hop 10.11.12.1
!
ip route 10.11.12.1 255.255.255.255 Null0
!

TEAM CYMRU Firewall TXT List

For OPNsense and other firewalls that allow to create a rule with an external list of IP addresses. Use the below with a block rule.

https://www.team-cymru.org/Services/Bogons/fullbogons-ipv4.txt

SpamHaus

For OPNsense and other firewalls that allow to create a rule with an external list of IP addresses. Use the below with a block rule.

https://www.spamhaus.org/drop/drop.txt

https://www.spamhaus.org/drop/edrop.txt

POSTS

  • Home Assistant. Add water meter with PHP+MQTT+YML.
  • Automating your home with Home Assistant. Initial install and config (Hyper-V).
  • The importance of setting up email security correctly.
  • Automate Debian installations with Seed, DHCP and Nginx.
  • A simple link shortener.. Fun little project…

WORD CLOUD

3CX 3CX Phone System Apache Asterisk Cacti CentOS CRM DHCP DNS Email Fail over Failover File System Firewall FreeBSD FreeNAS FXO IAX install IP IP PBX Linux M0n0wall Nottingham Open Source PBX PFSense PHP Router Server SIP snom SSH TrixBox ubuntu VLAN Voice VoIP VPN vyatta WAN Website WiFi yealink ZFS

© 2025 Phils Blog and Stuff | Powered by Superbs Personal Blog theme