Show HN: Generate Blocklists by ASN

2 points by tothrowaway 2 years ago | 0 comments
I made this to scratch my own itch. When I get DDoS'd I can relieve the pressure very easily by blocking Cloudflare, ChinaNet, DigitalOcean, Linode, Hetzner and OVH. The problem is, it's difficult to get the up-to-date subnets associated with those hosts in bulk.

I stumbled upon a free source of AS data a while ago, and integrated it into my custom OpenResty/Lua firewall.

But I wanted a quick way to block an ASN earlier in the process (iptables), mostly to keep my HTTP logs cleaner during a DDoS. And thus, ASN Tool was born.

I am running it on a cheap DO box with OpenResty/Lua as the backend. It seems to handle about 500 requests/second, which I hope is good enough for the time being.

After this https://krebsonsecurity.com/2022/12/six-charged-in-mass-take... I haven't been hit by any DDoS attacks, so this might be all for naught. But I'm putting it out there anyway.

Under the "Info" section, you can download the data file to run ASN lookups yourself. I suspect bandwidth may be an issue in the future. If anyone wants to sponsor hosting the file, email me at rumpelstiltskin at asntool.
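
Added example, not part of the original post and not ASN Tool's own code: one way to turn prefix-to-ASN data into an ipset restore file that iptables can match before traffic reaches the HTTP server. The tab-separated row layout, the set name `asn-block` and the documentation-range ASNs and prefixes are constructed assumptions; the format of the tool's real data file is not shown on the page.

```python
import ipaddress

# Constructed sample rows in an assumed "prefix<TAB>ASN" layout, using
# documentation prefixes (RFC 5737 / RFC 3849) and documentation ASNs (RFC 5398).
SAMPLE_ROWS = """\
192.0.2.0/25\t64496
192.0.2.128/25\t64496
198.51.100.0/24\t64497
203.0.113.0/26\t64496
203.0.113.16/28\t64496
2001:db8::/33\t64496
2001:db8:8000::/33\t64496
not-a-prefix\t64496
2001:db8:ffff::/48\t64500
"""

def prefixes_for_asns(rows, asns):
    """Return {4: [...], 6: [...]} of collapsed networks announced by `asns`."""
    wanted = {int(a) for a in asns}
    nets = {4: [], 6: []}
    for line in rows.splitlines():
        parts = line.split()
        if len(parts) != 2 or not parts[1].isdigit() or int(parts[1]) not in wanted:
            continue
        try:
            net = ipaddress.ip_network(parts[0], strict=False)
        except ValueError:
            continue  # skip malformed prefixes instead of aborting the whole run
        if net.prefixlen == 0:
            continue  # never emit a default route: it would block everything
        nets[net.version].append(net)
    # collapse_addresses merges adjacent prefixes and drops covered subnets,
    # which keeps the kernel set small.
    return {v: list(ipaddress.collapse_addresses(n)) for v, n in nets.items()}

def ipset_restore(rows, asns, name="asn-block"):
    """Build text for `ipset restore`, one hash:net set per address family."""
    collapsed = prefixes_for_asns(rows, asns)
    out = []
    for version, family in ((4, "inet"), (6, "inet6")):
        set_name = f"{name}-v{version}"
        out.append(f"create {set_name} hash:net family {family}")
        out += [f"add {set_name} {net}" for net in collapsed[version]]
    return "\n".join(out) + "\n"

if __name__ == "__main__":
    # Load with `ipset restore < file`, then match the set in a rule such as:
    #   iptables -I INPUT -m set --match-set asn-block-v4 src -j DROP
    print(ipset_restore(SAMPLE_ROWS, [64496]), end="")
```

A single set-match rule per address family replaces thousands of per-subnet rules, and refreshing the blocklist means reloading the set rather than rewriting the rule chain.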