For example: Facebook, AS32934 being the ASN of company Facebook.
So opnsense would perform something like: "whois -h whois.radb.net -- '-i origin AS32934' | grep ^route" -> formats to iplist. Periodic updates.
Thanks for all the hard work.
Just use http://asn.blawk.net/ for your URL table
e.g. http://asn.blawk.net/2906 zu get list of ASN 2906 networks (Netflix)
you can schedule something like
whois -h whois.radb.net -- '-i origin AS32934' | awk '/^route:/ {print $2}' | xargs pfctl -t facebook_networks -T replace
or using spf records
https://www.signorini.ch/content/opnsense-create-pftable-for-google-networks
These all seem like fine options, I will use asn.blawk.net for now.
It still seems like a neat feature to have in the GUI however.
Thanks.
that looks nice but it's updated in 2016
Yes, and no IPv6 support.
whois -h whois.radb.net -- '-i origin AS32934' | awk '/^route:/ {print $2}' | xargs pfctl -t facebook_networks -T replace
How would this command look if I wanted to output multiple ASN's to the same table?
Edit: Never mind, found a working solution.