I can only confirm that the amount of "network probing" traffic is ever increasing. We have the 44.137.0.0/16 network BGP routed towards us so we do not experience the described issues, but at the firewall there is a massive amount of incoming probes and I do use some techniques to auto-block these. For example, I have a static list of known probers (the likes of shodan.io, internet-census.org, binaryedge.ninja, etc etc.  a total of 674 entries, 90 of them subnets (often /24).

Additionally, I have an automatic blacklist of servers sending 10 or more probes per minute to any address in our /16 that is not in use (similar to the "are you in DNS" check in amprgw) and keeps the address blacklisted for an hour.  That list usually contains about 75000 addresses!

In the past I have tried several times to mail those "researchers" and "services that allow you to search for open ports" guys to get our subnet removed from their scan range.  The results are limited.  Sometimes it works, usually for limited time, sometimes just nothing changes.  Maybe the contacts for the AMPRnet could try some of those requests as well.

We get several Mbit/s of useless crap on our /16 so I can guess what it looks like for amprgw. Pity that there are so many of those jerks around.

Rob