I'd like to block ALL incoming traffic from Google Cloud IPs.
I don't know how to do this, and I don't know how to know what the Google Cloud IPs are.
I have a dedicated server running Ubuntu 20.04 LTS.
Is there a way to do these?
Thanks.
Asked
Active
Viewed 1,093 times
0
-
Google publishes a list: https://www.gstatic.com/ipranges/cloud.json – ceejayoz Apr 26 '21 at 14:37
-
Define what you mean. There are Google Cloud IPs for Google Cloud services and IPs for user services/applications running in Google Cloud. Why do you want to block these IP addresses? Google Cloud services do not access your services unless you enable features that require this. In general, your objective is not a good idea and could cause your services to stop functioning. – John Hanley Apr 26 '21 at 19:22
-
@JohnHanley I want to block user services / applications running on Google Cloud, because of their free trial, which receives a balance to spend on anything, there are a lot of people who use it to ddos on my game servers. – Nigro Apr 26 '21 at 20:56
-
That means you want to block public IPs and not necessarily Google Cloud IPs. If your servers are public, then you will get hit will public access. Lockdown your VMs to allow only your public IP address or those in your group using VPC Firewall Rules. – John Hanley Apr 26 '21 at 22:44
-
Note: it is unlikely that someone inside Google Cloud will be able to execute a distributed denial of service for very long before Google boots them from the cloud. Their security AI is very good. – John Hanley Apr 26 '21 at 22:45
1 Answers
3
I don't think this is necessary but If you would like to block Google IPs, here is a list of Google IP ranges that you can use. I assume you'll use something like iptables to do this? Otherwise, that list should be suffice.
GCP has resources you can use for DDOS protection. Cloud Armor is one of them. As @JohnHanley mentioned, some of your services might not work correctly / stop working all together.
Cam
- 151
- 3