Open cbuijs opened 4 years ago
This is doable. It seems to require a different database file, GeoLite2-ASN
which isn't included by default.
Ping!
When I check the DB directory, after a geoipupdate
, it has these files:
ls -al /usr/share/GeoIP/
-rw-r--r-- 1 root root 7824637 Aug 9 12:00 GeoLite2-ASN.mmdb
-rw-r--r-- 1 root root 65858095 Aug 5 12:00 GeoLite2-City.mmdb
-rw-r--r-- 1 root root 5590822 Aug 5 12:00 GeoLite2-Country.mmdb
Including the GeoLite2-ASN.mmdb
one.
Tried to point location-db
to it (no errors loading), but doesn't work asresponse-blocklist-ip
only allows/accepts CIDR Prefixes in the blocklist
and not ASN's.
Ping! - Friendly Reminder.
Can you try the issue-94
branch? Config example in https://github.com/folbricht/routedns/pull/330
Tried it, but seems to do nothing... I suspect my local geolite is messed up. Need a bit more time, will test in the weekend.
Hi!
Seems that the GeoLite2 GEO-DB also provides the ASN (Autonomous System Number) for particular address-spaces. Would it be possible to block by ASN to addition of
cidr
andlocation
?It is actually very similar as
location
in usage.For both
client-blocklist
andresponse-blocklist-ip
.For example, if I want to block anything of "Google", it would be looking like this:
Also ability to load lists via
source
etc.ASN example Info: https://ipinfo.io/AS15169 IPASN Database: https://raw.githubusercontent.com/cbuijs/ipasn/master/ipasn-all.dat ASN: https://en.wikipedia.org/wiki/Autonomous_system_(Internet)
-Chris.