2014-04-17 18:01 GMT+02:00 Laurent CARON <lca...@unix-scripts.info>: > On 17/04/2014 11:24, Tristan PILAT wrote: > >> Is there a way to make this work with "allow from any inet prefixlen 8 - >> 24" to accept /32 only for the blackhole ? >> > > > Please pay attention of not allowing one of your customers to blackhole > addresses from YOUR nets ;) >
Yes but how to do that without hard coded the network of the customer like in this rule; allow from group "customers" community 64514:888 prefix 192.0.33.0/24prefixlen = 32 set nexthope blackhole
