Firewall – Stop China from connecting to the Google Compute Engine server

chinafirewallgoogle-compute-enginehackinglinux-networking

My company has a Google Compute Engine server hosted in North America. We get so many Chinese IP addresses sending requests to port 11 that it is costing us money for the ingress. Our firewall blocks all connections to China already as they have no business having access to our applications.

Is there a way to completely ignore these connections or have them blocked in such a way that they will not eat up bandwidth?

Best Answer

Firewalls have two main choices when receiving unwanted connection attempts.

REJECT - send a response saying the port/service/etc is closed or
unavailable
DROP - don't respond and just drop the packets

The words REJECT/DROP aren't standard or used across all firewalls but the difference between the concepts behind the two possible actions will be there. You want to do the equivalent of DROP so there is no outbound traffic. As mentioned by others inbound traffic incurs no charges.

Related Solutions

Google Compute Engine VM Display Driver

Just and update, GPU features are already available in beta.

Google compute engine IP ranges

As the other answer says, Google describes how to get the list here: https://cloud.google.com/compute/docs/faq#where_can_i_find_product_name_short_ip_ranges

I found a good script here for following spf records:

https://aplawrence.com/Kerio/recursive_spf.html

create the file lookup.perl as:

#!/usr/bin/perl
$domain=shift @ARGV;
@results=getit($domain);


sub getit {
  my $domain=shift;

  my @foo=`nslookup -q=TXT $domain`;
  my @results=();
  foreach (@foo) {
   next if not /$domain\ttext/;
   s/$domain\ttext = "v=spf1//;
   @results=split /\s+/;
   foreach (@results) {
    next if /-all/;
    print "$_\n";
    if (/include:/) {
     s/include://;
     getit($_);
    }
   } 
  } 
}

then run: ./lookup.perl _cloud-netblocks.googleusercontent.com | grep ip4

ip4:35.190.224.0/20
ip4:35.232.0.0/15
ip4:35.234.0.0/16
ip4:35.235.0.0/17
ip4:35.235.192.0/20
ip4:35.236.0.0/14
ip4:35.240.0.0/15
ip4:35.203.232.0/21
ip4:130.211.4.0/22
ip4:35.220.0.0/14
ip4:35.242.0.0/15
ip4:35.244.0.0/14
ip4:34.64.0.0/11
ip4:34.96.0.0/14
ip4:34.100.0.0/18
ip4:34.100.64.0/19
ip4:108.170.216.0/22
ip4:108.170.220.0/23
ip4:108.170.222.0/24
ip4:35.224.0.0/13
ip4:35.202.0.0/16
ip4:35.190.240.0/22
ip4:35.190.242.0/23
ip4:35.206.0.0/15
ip4:8.34.208.0/20
ip4:8.35.192.0/21
ip4:8.35.200.0/23
ip4:108.59.80.0/20
ip4:108.170.192.0/20
ip4:108.170.208.0/21
ip4:162.216.148.0/22
ip4:162.222.176.0/21
ip4:173.255.112.0/20
ip4:192.158.28.0/22
ip4:199.192.112.0/22
ip4:199.223.232.0/22
ip4:199.223.236.0/23
ip4:23.236.48.0/20
ip4:23.251.128.0/19
ip4:35.204.0.0/14
ip4:35.208.0.0/13
ip4:107.167.160.0/19
ip4:107.178.192.0/18
ip4:146.148.2.0/23
ip4:146.148.4.0/22
ip4:146.148.8.0/21
ip4:146.148.16.0/20
ip4:146.148.32.0/19
ip4:146.148.64.0/18
ip4:35.203.0.0/17
ip4:35.203.128.0/18
ip4:35.203.192.0/19
ip4:35.203.240.0/20
ip4:130.211.8.0/21
ip4:130.211.16.0/20
ip4:130.211.32.0/19
ip4:130.211.64.0/18
ip4:130.211.128.0/17
ip4:104.154.0.0/15
ip4:104.196.0.0/14
ip4:208.68.108.0/23
ip4:35.184.0.0/14
ip4:35.188.0.0/15
ip4:35.216.0.0/15
ip4:35.190.0.0/17
ip4:35.190.128.0/18
ip4:35.190.192.0/19
ip4:35.235.224.0/20
ip4:35.192.0.0/14
ip4:35.196.0.0/15
ip4:35.198.0.0/16
ip4:35.199.0.0/17
ip4:35.199.128.0/18
ip4:35.200.0.0/15
ip4:35.235.216.0/21

Best Answer

Related Solutions

Google Compute Engine VM Display Driver

Google compute engine IP ranges

Related Topic