Previous conversations made me decide this would be fun to do so I ignored all
my real work today and made it happen.
I built a TCL script that can be mapped to an alias ("alias exec updatedrop
tclsh updatedrop.tcl") that will connect to the Spamhaus DROP list and route
all of the prefixes to null0. It should alsbo be able to be mapped to a kron
job, but I haven't tested that and I've heard there are issues with kron+tcl
unless you tie it to an EEM event. It adds a name indicator
(Spamhaus_SBLXXXXX) to all of the routes to show that they come from the DROP
list. You can find the script at:
http://tmagill.net/cisco_networking_ccie_studies/?p=83
There is also a script to remove all of the Spamhaus_SBLXXXXX null routes.
If I were to redis these into BGP they could be propagated just like the CYMRU
Bogons... I plan on doing that within the next week and start testing. Does
anyone see that as a useful service to be offered?
Thomas Magill
Network Engineer
Office: (858) 909-3777
Cell: (858) 869-9685
tmag...@providecommerce.com<mailto:tmag...@providecommerce.com>
provide-commerce
4840 Eastgate Mall
San Diego, CA 92121
ProFlowers<http://www.proflowers.com/> |
redENVELOPE<http://www.redenvelope.com/> | Cherry Moon
Farms<http://www.cherrymoonfarms.com/> | Shari's
Berries<http://www.berries.com/>
