+ routes

* Update 2026.03.01 01:07:56

* Update 2026.03.01 04:25:44

* Update 2026.03.01 06:01:46

* Update 2026.03.01 06:15:37

* Update 2026.03.01 06:23:34

* Update 2026.03.01 07:44:01

* Update 2026.03.01 08:02:08

* Update 2026.03.01 08:06:50

---------

Co-authored-by: C24Be <C24Be@github.com>

.github/workflows/update_blacklists.yml

@@ -32,6 +32,8 @@ jobs:
       - run: ./blacklists_updater_txt.sh
       - run: ./blacklists_updater_nginx.sh
       - run: ./blacklists_updater_iptables.sh
+      - run: ./blacklists_updater_nftables.sh
+      - run: ./blacklists_updater_routes.sh
       - uses: ./.github/actions/gitPush
         env:
-          PUSH_FILES: blacklists/ blacklists_nginx/ blacklists_iptables/
+          PUSH_FILES: blacklists/ blacklists_nginx/ blacklists_iptables/ blacklists_nftables/

.github/workflows/update_nftables.yml

@@ -0,0 +1,33 @@
+name: Update nftables Blacklists
+
+on:
+  schedule:
+    - cron: '30 2 * * *'  # Daily at 02:30 UTC
+  workflow_dispatch:
+
+jobs:
+  update-nftables:
+    runs-on: ubuntu-latest
+    
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+      
+    - name: Set up Python
+      uses: actions/setup-python@v5
+      with:
+        python-version: '3.x'
+        
+    - name: Generate nftables blacklists
+      run: |
+        chmod +x blacklists_updater_nftables.sh
+        ./blacklists_updater_nftables.sh
+        
+    - name: Commit and push if changed
+      run: |
+        git config --local user.email "github-actions[bot]@users.noreply.github.com"
+        git config --local user.name "github-actions[bot]"
+        git add blacklists_nftables/
+        git diff --quiet && git diff --staged --quiet || \
+          (git commit -m "Auto-update nftables blacklists [skip ci]" && git push)
+

README.md

@@ -2,6 +2,11 @@
 
 ### Blacklists are updated daily!
 
+> [!IMPORTANT]
+> A very important feature has been added: dedicated lists of VK Cloud / VK networks that can be used to block **OUTGOING** traffic from your server (iptables/ipset and nftables formats are available).
+> This can help reduce the risk of Messenger MAX being used to compromise your VPN server.
+> The best security option is to avoid installing Messenger MAX at all on a phone where VPN access is configured.
+
 This repository contains Python scripts that allow you to retrieve network lists based on either an Autonomous System (AS) name or a Network name. Also you can download and parse the whole RIPE database to get information about Networks for the further analysis.
 
 **Ready-to-use blacklists in multiple formats:**
@@ -9,6 +14,8 @@ This repository contains Python scripts that allow you to retrieve network lists
 - [Text blacklists in `blacklists/`](https://github.com/C24Be/AS_Network_List/tree/main/blacklists) - Plain text format with IPv4/IPv6 separation
 - [Nginx configurations in `blacklists_nginx/`](https://github.com/C24Be/AS_Network_List/tree/main/blacklists_nginx) - Ready to include in your nginx config
 - [IPTables/IPSet files in `blacklists_iptables/`](https://github.com/C24Be/AS_Network_List/tree/main/blacklists_iptables) - Optimized for iptables with ipset
+- [nftables files in `blacklists_nftables/`](https://github.com/C24Be/AS_Network_List/tree/main/blacklists_nftables) - Ready-to-load sets and rules for nftables
+- [Linux route files in `blacklists_route/`](https://github.com/C24Be/AS_Network_List/tree/main/blacklists_route) - VK route blackholes to loopback (IPv4/IPv6)
 - [Other network and ASN lists in `auto/`](https://github.com/C24Be/AS_Network_List/tree/main/auto) - Comprehensive Russian network data
 
 ## Files and features
@@ -20,12 +27,16 @@ This repository contains Python scripts that allow you to retrieve network lists
 - `get_info_from_ripe.py`: Retrieves information about Russian AS numbers and Networks from RIPE database for the further analysis.
 - `get_description.py`: Retrieves network names, AS names and organisation names from RIPE. Updates the lists in the folder `auto/`.
 - `parse_ripe_db.py`: Parses the whole RIPE database to get information about Networks for the further analysis.
+- `generate_nft_blacklist.py`: Takes text blacklist on the input and generates nftables config with sets.
+- `check_nft_blacklist.py`: Checks IPv4/IPv6 address against generated nftables config.
 
 ### Blacklist Generators
 
 - `blacklists_updater_txt.sh`: Generates text-based blacklists with IPv4/IPv6 separation
 - `blacklists_updater_nginx.sh`: Generates nginx configuration files with deny directives
 - `blacklists_updater_iptables.sh`: Generates ipset configuration files for iptables/ip6tables
+- `blacklists_updater_nftables.sh`: Generates nftables blacklist files (mixed/v4/v6 and VK-specific)
+- `blacklists_updater_routes.sh`: Generates Linux route files to send VK networks to loopback (`127.0.0.1` / `::1`)
 
 ### Generated Blacklists
 
@@ -50,6 +61,22 @@ This repository contains Python scripts that allow you to retrieve network lists
 - `blacklist-v6.ipset`: IPSet configuration for IPv6 only (**daily generated**)
 - `README.md`: Complete usage documentation for iptables integration
 
+**nftables Format** (`blacklists_nftables/` folder):
+
+* `blacklist.nft`: nftables configuration for mixed IPv4/IPv6 (**daily generated**)
+* `blacklist-v4.nft`: nftables configuration for IPv4 only (**daily generated**)
+* `blacklist-v6.nft`: nftables configuration for IPv6 only (**daily generated**)
+* `blacklist-vk.nft`: nftables configuration for VK-only networks (**daily generated**)
+* `blacklist-vk-v4.nft`: nftables configuration for VK-only IPv4 networks (**daily generated**)
+* `blacklist-vk-v6.nft`: nftables configuration for VK-only IPv6 networks (**daily generated**)
+* `README.md`: Complete usage documentation for nftables integration
+
+**Linux Routes Format** (`blacklists_route/` folder):
+
+* `blacklist-vk-v4.routes`: IPv4 routes for VK-only networks to `127.0.0.1` via `lo` (**daily generated**)
+* `blacklist-vk-v6.routes`: IPv6 routes for VK-only networks to `::1` via `lo` (**daily generated**)
+
+
 ### Reference Lists
 
 **Contributors are welcome!**
@@ -90,6 +117,38 @@ iptables -I INPUT -m set --match-set blacklist-v4 src -j DROP
 ip6tables -I INPUT -m set --match-set blacklist-v6 src -j DROP
 ```
 
+**For nftables:**
+````bash
+# Download and load into nftables
+wget https://raw.githubusercontent.com/C24Be/AS_Network_List/main/blacklists_nftables/blacklist.nft
+sudo nft -f blacklist.nft
+
+# Protect VM from incoming blacklist sources
+sudo nft add chain inet filter input '{ type filter hook input priority 0; policy accept; }'
+sudo nft add rule inet filter input ip saddr @blacklist_v4 counter reject
+sudo nft add rule inet filter input ip6 saddr @blacklist_v6 counter reject
+
+# VK-only outbound blocking for VPN clients via NAT/FORWARD
+wget https://raw.githubusercontent.com/C24Be/AS_Network_List/main/blacklists_nftables/blacklist-vk.nft
+sudo nft -f blacklist-vk.nft
+sudo nft add chain inet filter forward '{ type filter hook forward priority 0; policy accept; }'
+sudo nft add rule inet filter forward iifname "<VPN_IFACE>" ip daddr @blacklist_v4 counter reject
+sudo nft add rule inet filter forward iifname "<VPN_IFACE>" ip6 daddr @blacklist_v6 counter reject
+
+# View the loaded rules
+sudo nft list ruleset
+````
+
+**For Linux Routes (VK loopback blackhole):**
+
+```bash
+# Download and apply VK route files
+wget https://raw.githubusercontent.com/C24Be/AS_Network_List/main/blacklists_route/blacklist-vk-v4.routes
+wget https://raw.githubusercontent.com/C24Be/AS_Network_List/main/blacklists_route/blacklist-vk-v6.routes
+sudo sh blacklist-vk-v4.routes
+sudo sh blacklist-vk-v6.routes
+```
+
 **For Custom Applications:**
 
 ```bash
@@ -183,6 +242,20 @@ See the README files in each folder for detailed usage instructions.
     ./network_list_from_netname.py --help
     ```
 
+### `generate_nft_blacklist.py`
+1. Generate nftables config from blacklist:
+
+    ```bash
+    ./generate_nft_blacklist.py blacklists/blacklist.txt blacklist.nft
+    ```
+
+### `check_nft_blacklist.py`
+1. Check IP address against generated config:
+
+    ```bash
+    ./check_nft_blacklist.py blacklist.nft 77.37.166.239
+    ```
+
 ## Screenshots
 
 <img width="320" alt="image" src="https://github.com/C24Be/AS_Network_List/assets/153936414/71bd0ed4-0e9b-42f0-8e91-01964ea9b8e1">

auto/all-ru-ipv6.txt

@@ -53,6 +53,7 @@
 2001:678:85c::/48 GIVC (Main Center of Information and Computing Ministry of culture of Russian Federation)
 2001:678:8f0::/48 RU-PDV (Podolskii Dmitrii Vladimirovich)
 2001:678:8fc::/48 RU-ROSNIIROS-20190111 (JSC Goznak)
+2001:678:978::/48 PrivateNet (Yanislav Basiuk)
 2001:678:99c::/48 CZ-VISSADO-20190515 (Mediasvyaz Ltd.)
 2001:678:9c4::/48 BCC (JSC Business-center Capital)
 2001:678:9d0::/48 RU-RETNNET-20190621 (LLC Zenit-Arena)
@@ -61,6 +62,7 @@
 2001:678:a60::/48 RU-ONGNETPLUS-20190411 (OngNet Plus LLC)
 2001:678:a70::/48 CZ-VISSADO-20190425 (VostokMediaSvyaz Ltd.)
 2001:678:ab0::/48 PlanetaTelekom (Kurochkin Evgeniy Anatolievich)
+2001:678:ac0::/48 CH-SECUREBIT-20260106 (Artur Zagidullin)
 2001:678:b3c::/48 RU-DSP-20191017 (INVITRO-Information technology LLC)
 2001:678:b40::/48 ORG-ITOA1-RIPE (Tsyapa Oleg Anatolyevich)
 2001:678:b48::/48 LEMANAPRO-NET (Le Monlid LLC)
@@ -84,7 +86,6 @@
 2001:678:e2c::/48 DWDM-RU-V6-NET (DWDM.RU llc)
 2001:678:e30::/48 virtaldc-ipv6-backbone (Dmitrii Vladimirovich Malkov)
 2001:678:e84::/48 RU-MSP2018-20201023 (VIP-TELECOM LLC)
-2001:678:ee4::/48 IP-Petrosyan-Maksim-Markslenovicht (IP Petrosyan Maksim Markslenovich)
 2001:678:ee8::/48 TRC-BRT-IPV6 (Teleradiocompany Bytradiotehnika Ltd.)
 2001:678:eec::/48 NPI-TU (Federal State Budgetary Educational Institution of Higher Education "M.I.Platov South-Russian State Polytechnic University (NPI)")
 2001:678:f38::/48 RU-RETNNET-20210504 (Traffic Ltd)
@@ -93,8 +94,7 @@
 2001:678:1024::/48 SIRENATRAVEL-NETv6 (Sirena Travel AO)
 2001:678:1034::/48 RU-ELKOMA (Elkoma LLC)
 2001:678:1058::/48 CZ-VISSADO-20250305 (GP Internet Ltd.)
-2001:678:107c::/48 RU-LLCBROADCASTING (LLC TRC "KTV Plus")
-2001:67c:20::/48 ABSOLYT-NET (Limited liability company Absolyt)
+2001:67c:20::/48 ABSOLYT-NET (Limited liability company Absolut)
 2001:67c:84::/48 MANNET-6NET (MAN net Ltd.)
 2001:67c:e8::/48 RU-NEMEROV (Nemerov Evgeniy Vladimirovish PE)
 2001:67c:100::/48 RU-DINET-20210819 (Limited Liability Company "R-Business Svyaz")
@@ -116,6 +116,7 @@
 2001:67c:5c4::/48 MBITCITY-NET (Mbit City Ltd.)
 2001:67c:614::/48 RU-INDATA-20160728 (FOUNDATION FOR DEVELOPMENT OF NETWORKING TECHNOLOGIES "INDATA")
 2001:67c:62c::/48 PRK-V6NET (JSC Trading house Perekriostok)
+2001:67c:650::/48 RU-HYPERNET-20260210 (JSC ALIAS)
 2001:67c:664::/48 BALTSOYA-AS (CJSC Sodruzhestvo Soya)
 2001:67c:698::/48 AIRKHV (JSC "Khabarovsky airport")
 2001:67c:6a0::/48 RSCC (Federal State Unitary Enterprise "Russian Satellite Communication Company")
@@ -130,13 +131,13 @@
 2001:67c:79c::/48 AVANTEL (JSC Avantel)
 2001:67c:7b4::/48 ORG-IT77-RIPE (INTERNET TECHNOLOGIES LLC)
 2001:67c:86c::/48 RU-TUI-20210915 (TT-Travel LLC)
-2001:67c:878::/48 CZ-NETART-20240808 (OOO MMTR Technologii)
 2001:67c:8d8::/48 CZ-VISSADO-20211206 (STM Ltd.)
 2001:67c:900::/48 RU-MTU-20220121 (REGIONAL STATE STATE INSTITUTION "CORPORATION FOR DEVELOPMENT OF INTERNET TECHNOLOGIES - MULTIFUNCTIONAL CENTRE FOR PROVIDING STATE AND MUNICIPAL SERVICES IN THE ULYANOVSK REGION")
 2001:67c:944::/48 AtoS-IT-Solutions-and-Services-LLC (AtoS IT Solutions and Services LLC)
 2001:67c:948::/48 RU-OPTIBIT-20220218 (Mobilon Telecommunications LLC)
 2001:67c:95c::/48 RU-RTK-20220223 (JSC COMMERCIAL BANK "KHLYNOV")
 2001:67c:a5c::/48 RU-GSYSTEM-20220810 (LLC OZON BANK)
+2001:67c:a80::/48 Foton-net (Foton Company Ltd)
 2001:67c:ac4::/48 RU-SITENET-20220928 (Ministry of Finance of the Sakhalin region)
 2001:67c:b00::/48 VMI-NET6 (OOO NPO VMI)
 2001:67c:b18::/48 LITE-HOST (Rusachenko Evgenii Sergeevich)
@@ -159,7 +160,7 @@
 2001:67c:f64::/48 AB-GAGRATEL (Gagra Telecom LLC)
 2001:67c:f88::/48 RU-SIGNALTELECOM (Signal-Telecom LLC)
 2001:67c:f98::/48 CZ-VISSADO-20241119 (Tecom Ltd.)
-2001:67c:fa0::/48 CZ-NETART-20241122 (Svyaz JSC)
+2001:67c:fa0::/48 SVYAZ6-NET (Svyaz Ltd)
 2001:67c:fb0::/48 FAITID-NETWORK (Foundation for Assistance for Internet Technologies and Infrastructure Development)
 2001:67c:fb4::/48 RU-KIPREY (Kiprey JSC)
 2001:67c:fcc::/48 RU-SERGIENKO-20241220 (KAMETA LLC)
@@ -188,7 +189,6 @@
 2001:67c:1484::/48 RU-DOMISHKO (Inweb Ltd.)
 2001:67c:1494::/48 ORG-TCKL3-RIPE (TELECOMMUNICATION COMPANY KAMA - LINK LLC.)
 2001:67c:14ac::/48 RU-RELCOMGROUP-20210331 (Odintsovskaya teploset, JSC)
-2001:67c:14b4::/48 BITRACE-NET (Bitrace OOO)
 2001:67c:1574::/48 BELRTS-IP-V6 (Regional TeleSystem Ltd)
 2001:67c:1584::/48 RU-ERTH-CLOUD-20230403 (JSC "ER-Telecom Holding")
 2001:67c:15d0::/48 RU-SUNTEL (OOO Suntel)
@@ -285,12 +285,13 @@
 2001:67c:2e98::/48 RU-RTK-20151005 (FGBOU VO Saratov State Medical University named after V.I.Razumovsky)
 2001:67c:2e9c::/48 SANTEKHKOMPLEKT (LTD Santekhkomplekt)
 2001:67c:2ec8::/48 RU-RTK-20151021 (RusAccreditation. Federal Service for accreditation)
-2001:67c:2ee0::/48 VIKSCOM-IPV6-NET (Vikscom Ltd.)
+2001:67c:2ee0::/48 VIKS-NET (Vikscom Ltd.)
 2001:67c:2f90::/48 SOFTBUILD (SOFTBUILD LLC)
 2001:67c:2fd4::/48 ORG-IO52-RIPE (IPSvyaz OOO)
 2001:6d0::/32 RU-MSK-IX-20010219 (Join-stock company "Internet Exchange"MSK-IX")
 2001:7f8:5::/48 RU-KTVB-NETWORK-20160125 (Truenetwork LLC)
 2001:7f8:20::/48 RU-MSK-IX (Join-stock company "Internet Exchange"MSK-IX")
+2001:7f8:55::/48 UA-PROMTELECOM (JSC Promtelecom)
 2001:7f8:5c::/48 RU-IXCELLERATE-20160224 (IXcellerate LLC)
 2001:7f8:6f::/48 KRD-IX-NET (IpNetcom LLC)
 2001:7f8:70::/48 RBIXP (JSC "Ufanet")
@@ -304,15 +305,15 @@
 2001:7f8:a7::/48 BAIKAL-IX-NET-v6 (LLC Zero Kilometer)
 2001:7f8:ac::/48 RU-OPTIBIT-20160922 (Optibit LLC)
 2001:7f8:c8::/48 RU-DREAMNET-20180514 (Weacom Ltd)
-2001:7f8:c9::/48 RU-CHTE-20180525 (Chitatehenergy JSC)
+2001:7f8:c9::/48 RU-CHTE-20180525 (JOINT-STOCK COMPANY "MOSCOW ENERGY COMMUNICATION NODE")
 2001:7f8:e6::/48 RU-PITER-IX-SPB (Piter-IX Co. Ltd.)
 2001:7f8:eb::/48 RU-PITER-IX-MSK (Piter-IX Co. Ltd.)
 2001:7f8:ee::/48 RU-LINXDATACENTER-20200218 (Svyaz VSD LLC)
 2001:7f8:f1::/48 RU-RCN-20200415 (RECONN LLC)
+2001:7f8:100::/48 RU-KTVB-NETWORK-20251217 (Lightcom LLC)
 2001:7f8:13d::/48 RU-MEGAFON-20221111 (PJSC MegaFon)
 2001:a58::/32 RU-ICT-20090408 (Information and Communication Technologies LLC)
 2001:b08::/32 RU-NIKS-20030214 (SCIENTIFIC RESEARCH INSTITUTE FOR SYSTEM ANALYSIS OF THE NATIONAL RESEARCH CENTRE "KURCHATOV INSTITUTE")
-2001:1428::/32 RU-DOMTEHNIKI-NET-20100427 (Dom Tehniki Ltd)
 2001:1b00::/32 RU-SOVINTEL-20040413 (PJSC "Vimpelcom")
 2001:1bb0::/32 RU-RTCOMM-20101118 (JSC RTComm.RU)
 2001:3b40::/29 RU-HTEL-20240919 (Vadim Druzev)
@@ -328,7 +329,7 @@
 2a00:eba::/31 RU-STACK-20100219 (StackNet Service, LLC)
 2a00:ebc::/30 RU-STACK-20100219 (StackNet Service, LLC)
 2a00:f00::/29 RU-MTU-20081124 (MTS PJSC)
-2a00:f08::/32 RU-WILAND-20081124 (Wiland Ltd)
+2a00:f08::/32 RU-TRUNKMOBILE-20081124 (TrunkMobile JSC)
 2a00:f30::/32 RU-QUANTUM-20081127 (Quantum CJSC)
 2a00:1020::/32 RU-SEVEREN-20090619 (JSC "Severen-Telecom")
 2a00:1078::/32 RU-STROYTECHSERVICE-20090630 (Stroytechservice LLC)
@@ -344,7 +345,7 @@
 2a00:13f8::/29 RU-MTU-20090922 (MTS PJSC)
 2a00:1410::/32 RU-RSK-20090924 ("Region Svyaz Konsalt" LLC)
 2a00:1440::/32 RU-KVANT-TELECOM-20091005 (JSC KVANT-TELEKOM)
-2a00:1468::/32 RU-BIGTELECOM-20091007 (BIG TELECOM JSC)
+2a00:1468::/32 RU-BIGTELECOM-20091007 (Big Telecom JSC)
 2a00:14d0::/29 RU-RAID-20091014 (JSC "ER-Telecom Holding")
 2a00:15f8::/32 RU-MASTERHOST-20091105 (LLC "MASTERHOST")
 2a00:1640::/32 RU-RTK-20091111 (PJSC Rostelecom)
@@ -374,7 +375,6 @@
 2a00:1dc8::/32 RU-MCNTELECOM-20100322 (MSN Telecom LLC)
 2a00:1e10::/29 RU-POSTLTD-20100326 (OOO "Post ltd")
 2a00:1e48::/32 RU-TRANSTELECOM-20100401 (Joint Stock Company TransTeleCom)
-2a00:1e68::/30 RU-FOTONTELECOM-20100407 (Foton Telecom CJSC)
 2a00:1e88::/32 RU-RTK-20100408 (PJSC Rostelecom)
 2a00:1ec8::/29 RU-ROSPRINT-20100412 (LLC Orange Business Services)
 2a00:1f70::/32 RU-RCN-20100420 (RECONN LLC)
@@ -478,7 +478,7 @@
 2a00:b940::/32 RU-IGRA-SERVICE-20150520 (Igra-Service LLC)
 2a00:bcc0::/32 RU-ELIT-TV-20160601 (Viter Evgeniy Vasilevich)
 2a00:bd40::/32 RU-INEWS-20120314 (INEWS LLC)
-2a00:bdc0::/29 RU-VKONTAKTE-20120314 (VKontakte Ltd)
+2a00:bdc0::/29 RU-VKONTAKTE-20120314 (LLC VK)
 2a00:be00::/29 RU-MASTERTEL-20110125 (JSC Mastertel)
 2a00:be20::/32 RU-VERMONT-IT-20130725 (Vermont-IT Limited Liability Company)
 2a00:bf00::/32 RU-CT-C-20110217 ("Computational technologies - consulting" LLC)
@@ -688,7 +688,6 @@
 2a02:2548::/32 RU-UNIVERSUMBIT-20101005 (Universum bit Ltd.)
 2a02:2560::/32 RU-TRANSTELECOM-20101005 (Joint Stock Company TransTeleCom)
 2a02:2568::/32 RU-RIALCOM-20101006 (Rial Com JSC)
-2a02:25a0::/32 RU-YAMALTELECOM-20101008 (JSC"Yamaltelekom")
 2a02:25e0::/32 RU-RTK-20101012 (PJSC Rostelecom)
 2a02:2620::/32 RU-ISKRATELECOM-20101013 (Iskratelecom JSC)
 2a02:2648::/29 RU-SIGNAL-20101014 (Signal Service LLC)
@@ -771,6 +770,7 @@
 2a02:de80::/29 RU-WEST-CALL-20121108 (OOO WestCall Ltd.)
 2a02:e5c0::/29 RU-K2INTEGRATION-20121121 (K2 Integration JSC)
 2a02:e620::/30 RU-INTERNET-HOSTING-20121129 (Internet-Hosting Ltd)
+2a02:e700::/32 RU-SHANTORA-20251222 (Alexey Andreevich Shantora)
 2a02:e840::/29 RU-TRANSTELECOM-20121123 (Joint Stock Company TransTeleCom)
 2a02:e880::/29 RU-MATRIXTELECOM-20121123 (JSC Avantel)
 2a02:eb00::/29 RU-QWARTA-20121129 (QWARTA LLC)
@@ -832,7 +832,6 @@
 2a03:4700::/32 RU-KMW-20110401 (Stavtelecom LLC)
 2a03:4900::/32 RU-REGRU-20110401 ("Domain names registrar REG.RU", Ltd)
 2a03:4d00::/32 RU-NEMEROV-20110404 (Nemerov Evgeniy Vladimirovish PE)
-2a03:4da0::/32 RU-NPFROI-20141103 (LLC "Nauchno proizvodstvennaya Firma "Raspredelennaya Obrabotka Informacii")
 2a03:4ec0::/32 RU-AMOBILE-20121108 (JV A-Mobile Ltd.)
 2a03:4fc0::/32 RU-MODUS333-20150513 (MODUS LLC)
 2a03:5040::/29 RU-RAID-20121109 (JSC "ER-Telecom Holding")
@@ -849,7 +848,7 @@
 2a03:58c0::/32 RU-KAMENSKTEL-20121113 (Closed Joint Stock Company Radiotelephone)
 2a03:5a00::/29 RU-LEADERTELECOM-20110204 (LeaderTelecom Ltd.)
 2a03:5a60::/32 RU-LINENEW-20141125 (Limited liability company "New Line")
-2a03:5a80::/32 RU-WILAND-20110915 (Wiland Ltd)
+2a03:5a80::/32 RU-TRUNKMOBILE-20110915 (TrunkMobile JSC)
 2a03:5b80::/32 RU-TRANSTELECOM-20140616 (Joint Stock Company TransTeleCom)
 2a03:5c80::/32 RU-TELEMAKS-20110915 (TeleMaks Ltd)
 2a03:5ca0::/32 RU-GTSS-20141128 (GeoTelecommunications LLC)
@@ -874,7 +873,7 @@
 2a03:7ca0::/29 RU-MAINACC-20150213 (Ivan Bulavkin)
 2a03:7d80::/32 RU-GKUMO-20151012 (GKU MO "MOC IKT")
 2a03:7da0::/29 RU-MAINACC-20150216 (Ivan Bulavkin)
-2a03:7dc0::/32 RU-FANNET-20121130 (FANNET TELECOM LLC)
+2a03:7dc0::/32 RU-FANNET-20121130 (Dom-TV LLC)
 2a03:7f00::/32 RU-M9COM-20110407 (M9 COM LTD)
 2a03:7f60::/29 RU-MAINACC-20150217 (Ivan Bulavkin)
 2a03:8060::/32 RU-ABS-20150217 (Active business systems Ltd.)
@@ -905,7 +904,7 @@
 2a03:a7c0::/32 RU-SINTLTD-20121220 (Limited Company "SiNT")
 2a03:a840::/32 RU-MSNET-20121221 (Multiservice Networks Ltd.)
 2a03:a9c0::/29 RU-DOVECOM-20121221 (Dovecom LLC)
-2a03:aa00::/32 RU-ZELENAYA-20110207 (OOO SET)
+2a03:aa00::/32 RU-MTU-20110207 (MTS PJSC)
 2a03:aa80::/32 RU-KUBTEL-20111020 (KUBAN-TELECOM Ltd.)
 2a03:af60::/32 RU-MGTS-20160620 (PJSC Moscow city telephone network)
 2a03:b0e0::/32 RU-ZAODS-20160804 (JSC "Ufanet")
@@ -1023,14 +1022,14 @@
 2a04:ef00::/29 RU-SPRINT-20150402 (Sprint Ltd)
 2a04:f240::/29 RU-RUSPHONE-20140702 (LLC "ER-Telecom Moscow")
 2a04:f800::/29 RU-MIRANDA-MEDIA-20140716 (Miranda-Media Ltd)
-2a04:fa00::/29 RU-RT27-20210908 (Rustel LLC)
-2a05:440::/29 RU-SIUNOC-20210908 (Sysoeva Irina Yurevna)
+2a04:fa00::/29 RU-AU-20210908 (Auction LLC)
 2a05:540::/29 RU-NOCRU-20140804 (LLC "Internet Tehnologii")
-2a05:b80::/29 RU-SERVER-V-ARENDY-20140812 (LLC "Server v arendy")
+2a05:b80::/29 RU-IT-BASIS-20140812 (LLC IT BASIS)
 2a05:1100::/29 RU-V-TELL-GT-20140819 (Global Telecom LLC)
 2a05:1700::/29 RU-RELINK-20140826 (Relink LTD)
 2a05:1880::/29 RU-EFKO-20210908 (Management Company EFKO JSC)
 2a05:1e40::/29 RU-AU-20181002 (Auction LLC)
+2a05:25c0::/29 RU-INATEL-KRASNOPEREKOPSK-20251218 (INATEL-KRASNOPEREKOPSK Ltd.)
 2a05:2940::/29 RU-ZTK-20160426 (Secure Telecommunication LLC)
 2a05:29c0::/29 RU-KOMPEATELECOM-20140917 (Kompeatelecom Ltd.)
 2a05:2b80::/29 RU-DT-NET-20180614 (Dubrovka Telecom LLC)
@@ -1073,7 +1072,6 @@
 2a05:9c00::/29 RU-TIMER-20180618 (Timer, LLC)
 2a05:a000::/29 RU-RCNTEC-20150113 (RCNTEC LLC)
 2a05:a080::/29 RU-BWTELE-20150113 (OOO Mango Telecom)
-2a05:a200::/29 RU-FARTEL-20150114 (Fartel Ltd)
 2a05:a400::/29 RU-OBIT-20150527 ("OBIT" Ltd.)
 2a05:a680::/29 RU-OPTILINK-20150119 (Optilink Ltd)
 2a05:a700::/29 RU-OTC-20150119 (JSC OTC)
@@ -1119,7 +1117,6 @@
 2a06:43c0::/29 RU-A-N-T-20150703 (Alpha Net Telecom Ltd)
 2a06:4480::/29 RU-WEBOGROUP-20150706 (WEBO LLC)
 2a06:4680::/29 RU-COMFORT-20150707 (Comfort XXI Century Ltd.)
-2a06:47c0::/29 RU-UNIVER-20150707 (University Telecommunications Ltd.)
 2a06:49c0::/29 RU-IMPERATOR-20160418 (Imperator LLC)
 2a06:4c40::/29 RU-EUTELSAT-20150710 (Eutelsat Networks LLC)
 2a06:50c0::/32 RU-TIS-DIALOG-20200108 (TIS Dialog LLC)
@@ -1210,7 +1207,6 @@
 2a07:da80::/29 RU-IPDOLIN-20180528 (Yury Dolin)
 2a07:dc40::/32 RU-ORN-20180703 ("Resurs-Svyaz" Ltd)
 2a07:dc80::/29 RU-IPDOLIN-20180528 (Yury Dolin)
-2a07:dcc0::/29 RU-SISTEMY-SVYAZI-20180703 (Sistemy Svyazi Llc)
 2a07:e2c0::/29 RU-PKPFERRIT-20180704 (PKP Ferrit LLC)
 2a07:e380::/29 RU-VOLNA-20180529 (KTK TELECOM LLC)
 2a07:e5c0::/29 RU-MAINACC-20180704 (Ivan Bulavkin)
@@ -1229,6 +1225,7 @@
 2a09:680::/29 RU-IMASTER-20181127 (Gorodskaya elektronnaya svyaz Ltd)
 2a09:c80::/29 RU-OPTIMASET-20181127 (OOO Optimaset)
 2a09:d80::/29 RU-VPSVILLE1-20181127 (LLC Vpsville)
+2a09:1180::/29 RU-IPADDRESS-20251204 (i7 LLC)
 2a09:1280::/29 RU-KMISAEV-20181128 (Isaev Kamil Magomedovich)
 2a09:1940::/29 RU-RCK-20190116 (Torgovyi dom Mashinostroitelnye zavody LLC)
 2a09:1a40::/29 RU-TVINNET-20190116 (OOO TeleMontag)
@@ -1287,7 +1284,7 @@
 2a09:b3c0::/29 RU-TELEMIR-20190308 (LLC Telemir)
 2a09:b680::/29 RU-VPSVILLE1-20181218 (LLC Vpsville)
 2a09:ba40::/29 RU-TELECOM-20190312 (Telenet LLC)
-2a09:bb00::/29 RU-XL-20181122 (X LLC)
+2a09:bb00::/29 RU-LOCAL-20181122 (LIR LLC)
 2a09:bc00::/29 RU-AU-20181106 (Auction LLC)
 2a09:bd00::/32 RU-MSK-IX-20181122 (Join-stock company "Internet Exchange"MSK-IX")
 2a09:bd80::/29 RU-VPSVILLE1-20181219 (LLC Vpsville)
@@ -1311,7 +1308,6 @@
 2a09:da40::/29 RU-TELECOM-20190319 (Telenet LLC)
 2a09:dd00::/29 RU-AU-20181123 (Auction LLC)
 2a09:de00::/29 RU-SBCLOUD-20181112 (SBCLOUD LLC)
-2a09:df40::/29 RU-SIUNOC-20210920 (Sysoeva Irina Yurevna)
 2a09:e2c0::/29 RU-IPMAGNAT-20190321 (Mikhail Tonkonog)
 2a09:e300::/29 RU-AU-20181123 (Auction LLC)
 2a09:e5c0::/29 RU-IPMAGNAT-20190321 (Mikhail Tonkonog)
@@ -1367,7 +1363,7 @@
 2a0a:8580::/29 RU-IPSMAIN-20190702 (Sysoev Aleksey Anatolevich)
 2a0a:8a80::/29 RU-YARNET-KALUGA-20161129 (YARNET LLC)
 2a0a:8d80::/29 RU-WEBHOST1COM-20161129 (Webhost LLC)
-2a0a:8f80::/29 RU-IP-20161129 (i7 LLC)
+2a0a:8f80::/29 RU-IPADDRESS-20161129 (i7 LLC)
 2a0a:9740::/31 RU-FREEDOM-20170413 (Freedom LLC)
 2a0a:9980::/29 RU-DATAFORCE-20161201 (CJSC "DataForce IP")
 2a0a:9cc0::/29 RU-LOGOS-K-20170418 (LOGOS-K LLC)
@@ -1384,7 +1380,7 @@
 2a0a:b8c0::/32 RU-BURGERKING-20170425 (BURGER RUS LLC)
 2a0a:bbc0::/29 RU-TELECOM-20220105 (Telenet LLC)
 2a0a:c0c0::/29 RU-AU-20170501 (Auction LLC)
-2a0a:c380::/29 RU-XL-20190704 (X LLC)
+2a0a:c380::/29 RU-LOCAL-20190704 (LIR LLC)
 2a0a:c3c0::/29 RU-VPSVILLE1-20210518 (LLC Vpsville)
 2a0a:cd00::/32 RU-RTCLOUD-20161005 (RTCloud, LLC)
 2a0a:d0c0::/32 RU-NOMOS-RESERVE-20200608 (JSC "BM-Bank")
@@ -1399,13 +1395,12 @@
 2a0a:eec0::/32 RU-PDKLLC-20170517 (PDK LLC)
 2a0a:f140::/32 RU-EDIWEB-20170517 (Ediweb LLC)
 2a0a:f200::/29 RU-VPSVILLE1-20160906 (LLC Vpsville)
-2a0a:f580::/29 RU-XL-20191022 (X LLC)
+2a0a:f580::/29 RU-LOCAL-20191022 (LIR LLC)
 2a0a:f6c0::/29 RU-RAID-20170519 (JSC "ER-Telecom Holding")
 2a0a:f940::/32 RU-FOR-20170522 (Joint stock company "For")
 2a0b:340::/29 RU-UTELLTD-20170524 (UTEL Ltd)
 2a0b:3c0::/29 RU-RTSISPRUS-20200115 (RTS LLC)
 2a0b:580::/32 RU-UNICO-20161220 (JSC RDE "Unico")
-2a0b:780::/29 RU-INATEL-20161221 (INATEL Ltd.)
 2a0b:840::/29 RU-DEVINOTELECOM-20170529 (Limited Liability Company "DEVINO TELECOM")
 2a0b:980::/32 RU-TVSI-20161222 (Joint Stock Company Tyvasviazinform)
 2a0b:1380::/29 RU-OTK-20161228 (OTK LLC)
@@ -1442,7 +1437,6 @@
 2a0b:7a80::/29 RU-TELECOM-20190826 (Telenet LLC)
 2a0b:7ec0::/29 RU-MEDIA-LAND-20200610 (Media Land LLC)
 2a0b:8380::/29 RU-PROFIRU-20170120 ("PROFI.RU" LLC)
-2a0b:8480::/29 RU-NPFROI-20170120 (LLC "Nauchno proizvodstvennaya Firma "Raspredelennaya Obrabotka Informacii")
 2a0b:88c0::/29 RU-MEDIA-LAND-20200610 (Media Land LLC)
 2a0b:8d40::/29 RU-CWN-20211228 ("Pronet" LLC)
 2a0b:8ec0::/29 RU-CIT23-20170720 (LLC "Information Technology Center")
@@ -1450,7 +1444,7 @@
 2a0b:9000::/29 RU-AU-20190621 (Auction LLC)
 2a0b:9080::/29 RU-MGNHOST-NET-20220128 (Tyurin Viktor Mihaylovich)
 2a0b:9480::/29 RU-TELECOM-20181002 (Telenet LLC)
-2a0b:97c0::/29 RU-CHTE-20170725 (Chitatehenergy JSC)
+2a0b:97c0::/29 RU-EESNET-20170725 (JOINT-STOCK COMPANY "MOSCOW ENERGY COMMUNICATION NODE")
 2a0b:9a00::/29 RU-FIRSTDC-20200428 (Perviy TSOD LLC)
 2a0b:9c40::/29 RU-FILI-TELECOM-20170725 (FILI-Telecom LLC)
 2a0b:9fc0::/29 RU-RAID-20170726 (JSC "ER-Telecom Holding")
@@ -1496,7 +1490,6 @@
 2a0c:3140::/29 RU-DOCKER-20180329 (Docker LTD)
 2a0c:3d80::/29 RU-TELECOM-SERVICE-20171229 (Telecom Service LLC)
 2a0c:3f40::/32 RU-EI-20180405 (CJSC EN Telecom)
-2a0c:4280::/29 RU-INTELECOM-20180102 (LLC Promsvyaz-Invest)
 2a0c:4480::/29 RU-QUANTIL-20191022 (GLOBAL CLOUD NETWORK LLC)
 2a0c:5240::/29 RU-VPSVILLE1-20180411 (LLC Vpsville)
 2a0c:5300::/29 RU-ATSTEL-20171110 (ATC Telecom LTD.)
@@ -1504,6 +1497,7 @@
 2a0c:5640::/29 RU-INTELLIN-20180412 (JSC Intellin)
 2a0c:5ec0::/29 RU-SERVICE-IT-20180416 (LLC IT-service)
 2a0c:6680::/29 RU-KLEYNKOM4-20180105 (Kleynkom LLC)
+2a0c:68c0::/29 RU-WS1-20260130 ("Wireless systems" LLC)
 2a0c:6900::/29 RU-LEK-20171113 (Alliance LLC)
 2a0c:6c00::/29 RU-VDS-TELECOM-20230504 (VDS-TELECOM LLC)
 2a0c:6d00::/32 RU-SPACE-20171113 (Federal State Budgetary Institution of Science "Space Research Institute of the Russian Academy of Sciences".)
@@ -1580,6 +1574,7 @@
 2a0d:6d40::/29 RU-REGLAND-20240220 (Regland ltd)
 2a0d:70c0::/29 RU-AT-20180914 (Apple Technologies LLC)
 2a0d:7480::/29 RU-SETII-20180214 (Nets and Services JCS)
+2a0d:7680::/32 RU-IAKHONTOV-20260203 (Iaroslav Iakhontov)
 2a0d:7740::/29 RU-VPSVILLE1-20180917 (LLC Vpsville)
 2a0d:7840::/29 RU-MAINACC-20180918 (Ivan Bulavkin)
 2a0d:80c0::/29 RU-RSVOSPB-20180919 (JSC Russian Broadcasting and Notification Networks)
@@ -1660,7 +1655,7 @@
 2a0e:4a80::/29 RU-IPSMAIN-20190516 (Sysoev Aleksey Anatolevich)
 2a0e:4bc0::/29 RU-LOCAL-20190716 (LIR LLC)
 2a0e:4f40::/29 RU-MAINACC-20190716 (Ivan Bulavkin)
-2a0e:4fc0::/29 RU-XL-20190716 (X LLC)
+2a0e:4fc0::/29 RU-LOCAL-20190716 (LIR LLC)
 2a0e:50c0::/29 RU-TELESYSTEMS-20220927 (Telecommunication Systems LLC)
 2a0e:5380::/29 RU-LOCAL-20190517 (LIR LLC)
 2a0e:5640::/29 RU-LOCAL-20190718 (LIR LLC)
@@ -1675,7 +1670,6 @@
 2a0e:6140::/29 RU-MAINACC-20190722 (Ivan Bulavkin)
 2a0e:6740::/29 RU-TELECOM-20190722 (Telenet LLC)
 2a0e:67c0::/29 RU-TELECOM-20190722 (Telenet LLC)
-2a0e:6980::/29 RU-VIRTUALDC7-20220308 (Dmitrii Vladimirovich Malkov)
 2a0e:7000::/29 RU-RSINET-20190403 (RamSvyazInvest LLC)
 2a0e:7040::/29 RU-TELECOM-20190724 (Telenet LLC)
 2a0e:7200::/29 RU-GBNHOST-20190415 (LLC DZHIBIEN HOST)
@@ -1687,7 +1681,7 @@
 2a0e:7e40::/29 RU-O2CLOUD-20190726 (O2 Cloud LLC)
 2a0e:7e80::/29 RU-DOMSET-20190527 (DomSet OOO)
 2a0e:7f00::/29 RU-AU-20190429 (Auction LLC)
-2a0e:7f40::/29 RU-XL-20190726 (X LLC)
+2a0e:7f40::/29 RU-LOCAL-20190726 (LIR LLC)
 2a0e:8080::/29 RU-LOCAL-20190527 (LIR LLC)
 2a0e:8140::/29 RU-BITERIKA-20190729 (Biterika Group LLC)
 2a0e:8540::/29 RU-TELECOM-20190729 (Telenet LLC)
@@ -1736,7 +1730,7 @@
 2a0e:f400::/29 RU-TELNET-20190410 (Telnet LLC)
 2a0e:f5c0::/29 RU-BB-20251021 (Fedor Berg)
 2a0e:fa80::/29 RU-INTERNETHOSTING-20190614 (Internet Hosting LLC)
-2a0e:fb40::/29 RU-XL-20190827 (X LLC)
+2a0e:fb40::/29 RU-LOCAL-20190827 (LIR LLC)
 2a0e:ff80::/29 RU-TERALINETELECOM-20190614 (Teraline Telecom Ltd)
 2a0e:ffc0::/29 RU-LOCAL-20190827 (LIR LLC)
 2a0f::/29 RU-UMNYESETI-20190827 (Grand Ltd)
@@ -1772,7 +1766,7 @@
 2a0f:8580::/29 RU-PIN-20191002 (Petersburg Internet Network ltd.)
 2a0f:8b00::/29 RU-ORIONBR-20190913 (Orion telecom ltd)
 2a0f:9880::/29 RU-VPSVILLE1-20191004 (LLC Vpsville)
-2a0f:9c00::/29 RU-RT27-20190903 (Rustel LLC)
+2a0f:9c00::/29 RU-AU-20190903 (Auction LLC)
 2a0f:9d00::/29 RU-AU-20190916 (Auction LLC)
 2a0f:9f40::/29 RU-SRR-20191119 (SvyazResurs-Region LLC)
 2a0f:a180::/29 RU-SKYTELECOM-20191007 (TSK LLC)
@@ -1806,7 +1800,7 @@
 2a10:1b40::/29 RU-VOSHOD-20200327 (Federal State Institution Research and Development Institute "Voskhod", FGAU)
 2a10:2040::/29 RU-SERVERMALL-20200401 (Servermall LLC)
 2a10:2840::/29 RU-PANDORATRADE-20200409 (Pandora Trade LLC)
-2a10:3100::/29 RU-INETCOM-20200211 (Inetcom LLC)
+2a10:3100::/29 RU-INETCOM-CARRIER-20200211 (INETCOM CARRIER LLC)
 2a10:3380::/29 RU-LLCINTERCON-20200227 (LLC Intercon)
 2a10:4100::/29 RU-IPMAGNAT-20200415 (Mikhail Tonkonog)
 2a10:4280::/29 RU-FIRSTDC-20200417 (Perviy TSOD LLC)
@@ -1820,7 +1814,7 @@
 2a10:4f80::/29 RU-FIRSTDC-20200421 (Perviy TSOD LLC)
 2a10:5080::/29 RU-FIRSTDC-20200421 (Perviy TSOD LLC)
 2a10:5180::/29 RU-FIRSTDC-20200421 (Perviy TSOD LLC)
-2a10:5cc0::/29 RU-MAI-20200904 (Federal State Budgetary Educational Institution of Higher Education Moscow Aviation Institute (National Research University))
+2a10:5cc0::/29 RU-MAI-20200904 (Federal State Autonomous Educational Institution of Higher Education "Moscow Aviation Institute (National Research University)")
 2a10:61c0::/29 RU-DATAFORT-20200909 (DataFort LLC)
 2a10:62c0::/29 RU-OKKO-20200911 (OKKO LLC)
 2a10:6a40::/29 RU-IITRUST-20200918 (InfoTeCS Internet Trust JSC)
@@ -1846,7 +1840,9 @@
 2a10:9bc0::/29 RU-FIRSTDC-20210225 (Perviy TSOD LLC)
 2a10:9c40::/29 RU-FIRSTDC-20210225 (Perviy TSOD LLC)
 2a10:9cc0::/29 RU-FIRSTDC-20210225 (Perviy TSOD LLC)
+2a10:a680::/29 RU-INTECH-20260213 (INTEX ltd.)
 2a10:aa80::/29 RU-NUBES-20201217 (NUBES llc)
+2a10:ab80::/29 RU-PREFIXLABS-20260216 (Denis Aleksandrovich Iakovlev)
 2a10:ad00::/29 RU-FIRSTDC-20201117 (Perviy TSOD LLC)
 2a10:ad80::/29 RU-IVC-20201218 (Information & Computing Center, Ltd.)
 2a10:af00::/29 RU-FIRSTDC-20201117 (Perviy TSOD LLC)
@@ -1863,6 +1859,7 @@
 2a10:cfc0::/29 RU-TALENTSUCCESS-20210408 (Educational Fund "Talent and success")
 2a10:d240::/29 RU-MAINACC-20210412 (Ivan Bulavkin)
 2a10:d5c0::/29 RU-MAINACC-20210414 (Ivan Bulavkin)
+2a10:d740::/29 RU-KVANTA-20260216 (KVANTA LLC)
 2a10:d8c0::/29 RU-VPSVILLE1-20210416 (LLC Vpsville)
 2a10:df00::/29 RU-RVISION-20201124 (RVISION Ltd.)
 2a10:e040::/29 RU-MAINACC-20210421 (Ivan Bulavkin)
@@ -1872,6 +1869,7 @@
 2a10:f640::/29 RU-ACTIVEBC-20210506 (ActiveBusinessConsult LLC)
 2a10:fa00::/29 RU-EVROKONTAKTVN-20201109 (EUROCONTACT VELIKY NOVGOROD LLC)
 2a11:200::/29 RU-VPSVILLE1-20210511 (LLC Vpsville)
+2a11:300::/29 RU-TUNDRA-TC-20260216 (LLC "TUNDRA TELECOM")
 2a11:640::/29 RU-TELECOM-20210701 (Telenet LLC)
 2a11:680::/29 RU-VPSVILLE1-20210514 (LLC Vpsville)
 2a11:700::/29 RU-CTEL-20210512 (LLC Tatarstan-On-Line)
@@ -1883,24 +1881,24 @@
 2a11:c80::/29 RU-VPSVILLE1-20210514 (LLC Vpsville)
 2a11:d80::/29 RU-VPSVILLE1-20210514 (LLC Vpsville)
 2a11:e80::/29 RU-VPSVILLE1-20210514 (LLC Vpsville)
-2a11:f40::/29 RU-RT27-20210910 (Rustel LLC)
+2a11:f40::/29 RU-AU-20210910 (Auction LLC)
 2a11:1040::/29 RU-MONUMENT-A-20210910 (Monument-A LLC)
 2a11:1340::/29 RU-TELECOM-20210914 (Telenet LLC)
 2a11:1380::/29 RU-TELECOM-20210811 (Telenet LLC)
-2a11:1480::/29 RU-RT27-20210812 (Rustel LLC)
-2a11:1540::/29 RU-RT27-20210914 (Rustel LLC)
+2a11:1480::/29 RU-AU-20210812 (Auction LLC)
+2a11:1540::/29 RU-AU-20210914 (Auction LLC)
 2a11:15c0::/29 RU-TELECOM-20210914 (Telenet LLC)
-2a11:1640::/29 RU-XL-20210914 (X LLC)
+2a11:1640::/29 RU-LOCAL-20210914 (LIR LLC)
 2a11:1680::/29 RU-P24-SERVICE-20251105 (LLC "P24-SERVICE")
 2a11:1840::/29 RU-TELECOM-20210914 (Telenet LLC)
 2a11:1940::/29 RU-ZTV2-20210914 (ZTV CORP LLC)
 2a11:1a00::/29 RU-ALROSA-20210715 (PJSC ALROSA)
 2a11:1a40::/29 RU-FIRSTDC-20210914 (Perviy TSOD LLC)
-2a11:1a80::/29 RU-RT27-20210812 (Rustel LLC)
+2a11:1a80::/29 RU-AU-20210812 (Auction LLC)
 2a11:1c00::/29 RU-FIRSTDC-20210708 (Perviy TSOD LLC)
-2a11:1f00::/29 RU-RT27-20210727 (Rustel LLC)
-2a11:2080::/29 RU-XL-20210813 (X LLC)
-2a11:2140::/29 RU-RT27-20210916 (Rustel LLC)
+2a11:1f00::/29 RU-AU-20210727 (Auction LLC)
+2a11:2080::/29 RU-LOCAL-20210813 (LIR LLC)
+2a11:2140::/29 RU-AU-20210916 (Auction LLC)
 2a11:21c0::/29 RU-TELECOM-20210916 (Telenet LLC)
 2a11:2400::/29 RU-FIRSTDC-20210708 (Perviy TSOD LLC)
 2a11:2700::/29 RU-FIRSTDC-20210728 (Perviy TSOD LLC)
@@ -1911,87 +1909,81 @@
 2a11:3080::/29 RU-TELECOM-20210817 (Telenet LLC)
 2a11:3180::/29 RU-TELECOM-20210817 (Telenet LLC)
 2a11:31c0::/29 RU-TELECOM-20210921 (Telenet LLC)
-2a11:3340::/29 RU-XL-20210921 (X LLC)
-2a11:3440::/29 RU-RT27-20210921 (Rustel LLC)
+2a11:3340::/29 RU-LOCAL-20210921 (LIR LLC)
+2a11:3440::/29 RU-AU-20210921 (Auction LLC)
 2a11:34c0::/29 RU-TELECOM-20210921 (Telenet LLC)
 2a11:35c0::/29 RU-TELECOM-20210922 (Telenet LLC)
 2a11:3c40::/29 RU-AU-20210923 (Auction LLC)
 2a11:3d00::/29 RU-TELECOM-20210730 (Telenet LLC)
 2a11:3ec0::/29 RU-FIRSTDC-20210923 (Perviy TSOD LLC)
 2a11:3f00::/29 RU-TELECOM-20210730 (Telenet LLC)
-2a11:3fc0::/29 RU-RT27-20210923 (Rustel LLC)
+2a11:3fc0::/29 RU-AU-20210923 (Auction LLC)
 2a11:4040::/29 RU-AU-20210924 (Auction LLC)
 2a11:41c0::/29 RU-TELECOM-20210924 (Telenet LLC)
 2a11:4340::/29 RU-TELECOM-20210924 (Telenet LLC)
-2a11:44c0::/29 RU-SIUNOC-20210924 (Sysoeva Irina Yurevna)
-2a11:45c0::/29 RU-RT27-20210924 (Rustel LLC)
-2a11:4640::/29 RU-XL-20210924 (X LLC)
+2a11:45c0::/29 RU-AU-20210924 (Auction LLC)
+2a11:4640::/29 RU-LOCAL-20210924 (LIR LLC)
 2a11:4a00::/29 RU-TELECOM-20210719 (Telenet LLC)
 2a11:4a40::/29 RU-IPSMAIN-20210927 (Sysoev Aleksey Anatolevich)
-2a11:4a80::/29 RU-RT27-20210819 (Rustel LLC)
+2a11:4a80::/29 RU-AU-20210819 (Auction LLC)
 2a11:4ac0::/29 RU-BITERIKA-20210927 (Biterika Group LLC)
 2a11:4b40::/29 RU-IPMAGNAT-20210927 (Mikhail Tonkonog)
-2a11:5180::/29 RU-RT27-20210819 (Rustel LLC)
+2a11:5180::/29 RU-AU-20210819 (Auction LLC)
 2a11:5780::/29 RU-IPMAGNAT-20210819 (Mikhail Tonkonog)
-2a11:5880::/29 RU-XL-20210819 (X LLC)
+2a11:5880::/29 RU-LOCAL-20210819 (LIR LLC)
 2a11:5a40::/29 RU-TELECOM-20210929 (Telenet LLC)
 2a11:5bc0::/29 RU-QWARTA-20210930 (QWARTA LLC)
-2a11:6300::/29 RU-RT27-20210802 (Rustel LLC)
+2a11:6300::/29 RU-AU-20210802 (Auction LLC)
 2a11:6340::/29 RU-TELECOM-20211001 (Telenet LLC)
 2a11:6380::/29 RU-EKACOD-20210820 (Vichislitelniy Centr Ltd.)
-2a11:6500::/29 RU-XL-20210802 (X LLC)
+2a11:6500::/29 RU-LOCAL-20210802 (LIR LLC)
 2a11:6540::/29 RU-AU-20211001 (Auction LLC)
 2a11:6580::/29 RU-AU-20210820 (Auction LLC)
-2a11:65c0::/29 RU-XL-20211001 (X LLC)
+2a11:65c0::/29 RU-LOCAL-20211001 (LIR LLC)
 2a11:66c0::/29 RU-TELECOM-20211001 (Telenet LLC)
-2a11:68c0::/29 RU-RT27-20211001 (Rustel LLC)
-2a11:6ac0::/29 RU-VKORABLEV-20211004 (Vladimir Korablev)
+2a11:68c0::/29 RU-AU-20211001 (Auction LLC)
 2a11:6bc0::/29 RU-AU-20211004 (Auction LLC)
 2a11:6d00::/29 RU-AU-20210802 (Auction LLC)
 2a11:6e40::/29 RU-IPSMAIN-20211004 (Sysoev Aleksey Anatolevich)
 2a11:7080::/29 RU-TELECOM-20210823 (Telenet LLC)
 2a11:7140::/29 RU-FIRSTDC-20211004 (Perviy TSOD LLC)
-2a11:7180::/29 RU-SIUNOC-20210823 (Sysoeva Irina Yurevna)
-2a11:7680::/29 RU-XL-20210823 (X LLC)
+2a11:7680::/29 RU-LOCAL-20210823 (LIR LLC)
 2a11:7880::/29 RU-TELECOM-20210824 (Telenet LLC)
 2a11:7e40::/29 RU-VIRTUALDC-20211006 (Dmitrii Vladimirovich Malkov)
 2a11:8100::/29 RU-FIRSTDC-20210803 (Perviy TSOD LLC)
-2a11:8300::/29 RU-XL-20210803 (X LLC)
-2a11:83c0::/29 RU-RIPE8-20211007 (Dmitrii Aleksandrovich Miasnikov)
-2a11:8440::/29 RU-XL-20211007 (X LLC)
+2a11:8300::/29 RU-LOCAL-20210803 (LIR LLC)
+2a11:8440::/29 RU-LOCAL-20211007 (LIR LLC)
 2a11:8480::/29 RU-VIRTUALDC-20210824 (Dmitrii Vladimirovich Malkov)
 2a11:84c0::/29 RU-AU-20211007 (Auction LLC)
 2a11:8500::/29 RU-TELECOM-20210803 (Telenet LLC)
-2a11:85c0::/29 RU-XL-20211007 (X LLC)
+2a11:85c0::/29 RU-LOCAL-20211007 (LIR LLC)
 2a11:8600::/29 RU-NICOS-20210720 (LLC Company NICOS)
 2a11:8780::/29 RU-MESHNET-20210824 (Vladimir Dmitriev)
-2a11:87c0::/29 RU-TELEGA-20251124 (JOINT STOCK COMPANY "DAL")
-2a11:8940::/29 RU-RT27-20211007 (Rustel LLC)
-2a11:8f80::/29 RU-XL-20210825 (X LLC)
+2a11:87c0::/29 RU-TELEGA-20251124 (JOINT STOCK COMPANY "TELEGA")
+2a11:8940::/29 RU-AU-20211007 (Auction LLC)
+2a11:8f80::/29 RU-LOCAL-20210825 (LIR LLC)
 2a11:91c0::/29 RU-IPMAGNAT-20211008 (Mikhail Tonkonog)
-2a11:9380::/29 RU-RT27-20210825 (Rustel LLC)
+2a11:9380::/29 RU-AU-20210825 (Auction LLC)
 2a11:9880::/29 RU-TELECOM-20210825 (Telenet LLC)
-2a11:9e40::/29 RU-SIUNOC-20211012 (Sysoeva Irina Yurevna)
 2a11:9f40::/29 RU-AU-20211013 (Auction LLC)
-2a11:9fc0::/29 RU-XL-20211013 (X LLC)
+2a11:9fc0::/29 RU-LOCAL-20211013 (LIR LLC)
 2a11:a180::/29 RU-AU-20210827 (Auction LLC)
 2a11:a940::/29 RU-WEST-CALL-20211014 (OOO WestCall Ltd.)
-2a11:acc0::/29 RU-XL-20211015 (X LLC)
+2a11:acc0::/29 RU-LOCAL-20211015 (LIR LLC)
 2a11:af00::/29 RU-VPSVILLE1-20210806 (LLC Vpsville)
 2a11:b1c0::/29 RU-IPMAGNAT-20211015 (Mikhail Tonkonog)
 2a11:b680::/29 RU-TELECOM-20210831 (Telenet LLC)
-2a11:b780::/29 RU-XL-20210831 (X LLC)
+2a11:b780::/29 RU-LOCAL-20210831 (LIR LLC)
 2a11:bcc0::/29 RU-AM-20211019 (Nadezhda Mamaeva)
-2a11:be80::/29 RU-XL-20210901 (X LLC)
-2a11:c100::/29 RU-XL-20210806 (X LLC)
-2a11:c440::/29 RU-XL-20211019 (X LLC)
-2a11:c540::/29 RU-XL-20211019 (X LLC)
-2a11:c700::/29 RU-XL-20210809 (X LLC)
+2a11:be80::/29 RU-LOCAL-20210901 (LIR LLC)
+2a11:c100::/29 RU-LOCAL-20210806 (LIR LLC)
+2a11:c440::/29 RU-LOCAL-20211019 (LIR LLC)
+2a11:c540::/29 RU-LOCAL-20211019 (LIR LLC)
+2a11:c700::/29 RU-LOCAL-20210809 (LIR LLC)
 2a11:c880::/29 RU-ALEXGROUP-20210901 (Alex Group LLC)
-2a11:ca80::/29 RU-SIUNOC-20210902 (Sysoeva Irina Yurevna)
 2a11:cb80::/29 RU-UMLC-20210902 (Uzhnie Magistraljnie Linii Svyazi LLC)
-2a11:cd00::/29 RU-XL-20210809 (X LLC)
-2a11:d080::/29 RU-XL-20210902 (X LLC)
+2a11:cd00::/29 RU-LOCAL-20210809 (LIR LLC)
+2a11:d080::/29 RU-LOCAL-20210902 (LIR LLC)
 2a11:d280::/29 RU-VSUE-20210902 (Federal State Budgetary Educational Institution of Higher Education "Vladivostok State University")
 2a11:d380::/29 RU-TELECOM-20210903 (Telenet LLC)
 2a11:d700::/29 RU-TELECOM-20210810 (Telenet LLC)
@@ -1999,48 +1991,47 @@
 2a11:df40::/29 RU-VIRTUALDC-20211025 (Dmitrii Vladimirovich Malkov)
 2a11:e140::/29 RU-ALEXGROUP-20211025 (Alex Group LLC)
 2a11:e380::/29 RU-IEGALCHENKO1-20210906 (Galchenko Anna Viktorovna)
-2a11:e540::/29 RU-XL-20211026 (X LLC)
-2a11:e7c0::/29 RU-XL-20211026 (X LLC)
+2a11:e540::/29 RU-LOCAL-20211026 (LIR LLC)
+2a11:e7c0::/29 RU-LOCAL-20211026 (LIR LLC)
 2a11:e840::/30 RU-NDEV-20211026 (Anton Rashitovich Khalikov)
 2a11:f000::/29 RU-IGKH-20210706 (Inna Grigorevna Khoruzhaya)
-2a11:f180::/29 RU-XL-20210907 (X LLC)
+2a11:f180::/29 RU-LOCAL-20210907 (LIR LLC)
 2a11:f680::/29 RU-FIRSTDC-20210907 (Perviy TSOD LLC)
 2a11:f800::/29 RU-FIRSTDC-20210708 (Perviy TSOD LLC)
 2a11:f840::/29 RU-QWARTA-20211028 (QWARTA LLC)
 2a11:f8c0::/29 RU-CONNECTING-20211028 (Connecting LLC)
-2a11:fb40::/29 RU-XL-20211209 (X LLC)
+2a11:fb40::/29 RU-LOCAL-20211209 (LIR LLC)
 2a11:fc80::/29 RU-IPMAGNAT-20230605 (Mikhail Tonkonog)
-2a11:fec0::/29 RU-XL-20211209 (X LLC)
+2a11:fec0::/29 RU-LOCAL-20211209 (LIR LLC)
 2a12:2c0::/29 RU-IPSMAIN-20211210 (Sysoev Aleksey Anatolevich)
 2a12:480::/29 RU-PMC-GRCC-20211118 (FSUE "GlavNIVZ")
 2a12:9c0::/29 RU-QWARTA-20211214 (QWARTA LLC)
-2a12:10c0::/29 RU-XL-20211216 (X LLC)
-2a12:1140::/29 RU-XL-20211216 (X LLC)
+2a12:10c0::/29 RU-LOCAL-20211216 (LIR LLC)
+2a12:1140::/29 RU-LOCAL-20211216 (LIR LLC)
 2a12:1240::/29 RU-TELECOM-20211216 (Telenet LLC)
 2a12:1540::/29 RU-TELECOM-20211217 (Telenet LLC)
-2a12:15c0::/29 RU-XL-20211217 (X LLC)
-2a12:1800::/29 RU-XL-20211029 (X LLC)
-2a12:1880::/29 RU-XL-20211119 (X LLC)
-2a12:1940::/29 RU-XL-20211221 (X LLC)
+2a12:15c0::/29 RU-LOCAL-20211217 (LIR LLC)
+2a12:1800::/29 RU-LOCAL-20211029 (LIR LLC)
+2a12:1880::/29 RU-LOCAL-20211119 (LIR LLC)
+2a12:1940::/29 RU-LOCAL-20211221 (LIR LLC)
 2a12:1a40::/29 RU-TELECOM-20211221 (Telenet LLC)
-2a12:1c40::/29 RU-RT27-20211221 (Rustel LLC)
-2a12:1cc0::/29 RU-XL-20211221 (X LLC)
-2a12:1d80::/29 RU-SIUNOC-20211119 (Sysoeva Irina Yurevna)
+2a12:1c40::/29 RU-AU-20211221 (Auction LLC)
+2a12:1cc0::/29 RU-LOCAL-20211221 (LIR LLC)
 2a12:1e80::/29 RU-IPMAGNAT-20211119 (Mikhail Tonkonog)
 2a12:2040::/29 RU-AU-20211222 (Auction LLC)
 2a12:2200::/29 RU-IPSERVER-20211104 (IP SERVER LLC)
 2a12:24c0::/29 RU-TELECOM-20211223 (Telenet LLC)
-2a12:25c0::/29 RU-XL-20211223 (X LLC)
+2a12:25c0::/29 RU-LOCAL-20211223 (LIR LLC)
 2a12:2740::/29 RU-TELECOM-20211227 (Telenet LLC)
-2a12:2c40::/29 RU-XL-20211228 (X LLC)
+2a12:2c40::/29 RU-LOCAL-20211228 (LIR LLC)
 2a12:2cc0::/29 RU-TELECOM-20211228 (Telenet LLC)
 2a12:2d40::/29 RU-QWARTA-20211228 (QWARTA LLC)
 2a12:2e40::/29 RU-TELECOM-20211228 (Telenet LLC)
-2a12:2ec0::/29 RU-RT27-20211228 (Rustel LLC)
+2a12:2ec0::/29 RU-AU-20211228 (Auction LLC)
 2a12:2fc0::/29 RU-AU-20211228 (Auction LLC)
 2a12:3040::/29 RU-AU-20211228 (Auction LLC)
 2a12:3140::/29 RU-TELECOM-20211228 (Telenet LLC)
-2a12:34c0::/29 RU-XL-20211230 (X LLC)
+2a12:34c0::/29 RU-LOCAL-20211230 (LIR LLC)
 2a12:3580::/29 RU-NEWLINE-20211122 (OOO New Line)
 2a12:35c0::/29 RU-TELECOM-20211230 (Telenet LLC)
 2a12:3740::/29 RU-TELECOM-20220103 (Telenet LLC)
@@ -2048,55 +2039,52 @@
 2a12:3800::/29 RU-INETLLC-20211029 (Internet Technologies LLC)
 2a12:38c0::/29 RU-AU-20220105 (Auction LLC)
 2a12:39c0::/29 RU-AU-20220105 (Auction LLC)
-2a12:3ac0::/29 RU-XL-20220105 (X LLC)
-2a12:3b40::/29 RU-XL-20220105 (X LLC)
+2a12:3ac0::/29 RU-LOCAL-20220105 (LIR LLC)
+2a12:3b40::/29 RU-LOCAL-20220105 (LIR LLC)
 2a12:3bc0::/29 RU-TELECOM-20220105 (Telenet LLC)
 2a12:3cc0::/29 RU-TELECOM-20220105 (Telenet LLC)
-2a12:3d40::/29 RU-RT27-20220105 (Rustel LLC)
-2a12:3dc0::/29 RU-RT27-20220105 (Rustel LLC)
+2a12:3d40::/29 RU-AU-20220105 (Auction LLC)
+2a12:3dc0::/29 RU-AU-20220105 (Auction LLC)
 2a12:4140::/29 RU-TELECOM-20220106 (Telenet LLC)
 2a12:41c0::/29 RU-TELECOM-20220106 (Telenet LLC)
-2a12:4240::/29 RU-XL-20220106 (X LLC)
+2a12:4240::/29 RU-LOCAL-20220106 (LIR LLC)
 2a12:4300::/29 RU-IPMAGNAT-20211111 (Mikhail Tonkonog)
-2a12:4500::/29 RU-XL-20211111 (X LLC)
+2a12:4500::/29 RU-LOCAL-20211111 (LIR LLC)
 2a12:46c0::/29 RU-TELECOM-20220107 (Telenet LLC)
 2a12:4800::/29 RU-FIRSTDC-20211029 (Perviy TSOD LLC)
-2a12:4c00::/29 RU-XL-20211102 (X LLC)
-2a12:5580::/29 RU-XL-20211123 (X LLC)
+2a12:4c00::/29 RU-LOCAL-20211102 (LIR LLC)
+2a12:5580::/29 RU-LOCAL-20211123 (LIR LLC)
 2a12:5a00::/29 RU-IPMAGNAT-20211105 (Mikhail Tonkonog)
-2a12:6300::/29 RU-SIUNOC-20211112 (Sysoeva Irina Yurevna)
 2a12:6440::/32 RU-OPTIKLINE-20220124 (Optik Line LLC)
-2a12:6500::/29 RU-ZION5-20211112 (Yury Vladimirovich Nekulitsy)
-2a12:6600::/29 RU-XL-20211105 (X LLC)
+2a12:6600::/29 RU-LOCAL-20211105 (LIR LLC)
 2a12:6700::/29 RU-VIRTUALDC-20211112 (Dmitrii Vladimirovich Malkov)
 2a12:6780::/29 RU-INETLLC-20211124 (Internet Technologies LLC)
-2a12:6940::/29 RU-VIRTUALDC6-20220204 (Dmitrii Vladimirovich Malkov)
 2a12:6c40::/29 RU-ALEXGROUP-20220207 (Alex Group LLC)
 2a12:70c0::/29 RU-IEGALCHENKO1-20220210 (Galchenko Anna Viktorovna)
 2a12:7300::/29 RU-TELECOM-20211112 (Telenet LLC)
 2a12:7380::/32 RU-TKH-INVEST-20211125 (TKH-Invest Ltd.)
-2a12:7980::/29 RU-XL-20211125 (X LLC)
+2a12:7980::/29 RU-LOCAL-20211125 (LIR LLC)
 2a12:7c00::/29 RU-VPSVILLE1-20211102 (LLC Vpsville)
 2a12:7f40::/29 RU-ALEXGROUP-20220217 (Alex Group LLC)
 2a12:80c0::/29 RU-REDBYTES-20220217 (Red Byte LLC)
 2a12:8100::/29 RU-IPMAGNAT-20211112 (Mikhail Tonkonog)
-2a12:8800::/29 RU-XL-20211029 (X LLC)
+2a12:8800::/29 RU-LOCAL-20211029 (LIR LLC)
 2a12:8c40::/29 RU-VIAIP-RU-20220224 (ViaIP LLC)
 2a12:8cc0::/29 RU-LLCRUSSIAN-20220224 (LLC Russian clouds)
 2a12:92c0::/29 RU-ALEXGROUP-20220301 (Alex Group LLC)
 2a12:9400::/29 RU-PLATFORMA-20211102 (Big Data Platform LLC)
 2a12:9500::/29 RU-TELECOM-20211115 (Telenet LLC)
-2a12:9700::/29 RU-XL-20211115 (X LLC)
-2a12:9e00::/29 RU-XL-20211108 (X LLC)
+2a12:9700::/29 RU-LOCAL-20211115 (LIR LLC)
+2a12:9e00::/29 RU-LOCAL-20211108 (LIR LLC)
 2a12:a340::/29 RU-IPMAGNAT-20220314 (Mikhail Tonkonog)
 2a12:afc0::/29 RU-LETIT-20220318 (Letit LLC)
 2a12:b2c0::/29 RU-AHOST-20220321 (Ahost LLC)
 2a12:b3c0::/29 RU-ALEXGROUP-20220322 (Alex Group LLC)
-2a12:b4c0::/29 RU-MWS-20220323 (JOINT STOCK COMPANY "MTS WEB SERVICES")
+2a12:b4c0::/29 RU-MTU-20220323 (MTS PJSC)
 2a12:ba40::/29 RU-SENTASERV-20220330 (Senta Service LLC)
 2a12:bbc0::/29 RU-STANMIX1-20220331 (AREAL. REGIONAL CENTER LIMITED LIABILITY COMPANY)
 2a12:bdc0::/29 RU-DEDIC164-20220401 (LLC "SMART CENTER")
-2a12:c180::/29 RU-XL-20211201 (X LLC)
+2a12:c180::/29 RU-LOCAL-20211201 (LIR LLC)
 2a12:c2c0::/29 RU-DORA-20220406 (Dora LLC)
 2a12:c300::/29 RU-IPMAGNAT-20211116 (Mikhail Tonkonog)
 2a12:c5c0::/29 RU-IEZHUCHKOV-20220407 (Zhuchkov Mikhail)
@@ -2136,7 +2124,6 @@
 2a13:7340::/32 RU-AOAGENCY-20221227 (AO PACTOUR Agency)
 2a13:73c0::/29 RU-TAHION-20221228 (LLC SIP "NIS")
 2a13:7e00::/29 RU-IEGALCHENKO1-20220627 (Galchenko Anna Viktorovna)
-2a13:8480::/29 RU-SIUNOC-20230222 (Sysoeva Irina Yurevna)
 2a13:8580::/29 RU-IPMAGNAT-20230222 (Mikhail Tonkonog)
 2a13:8c40::/29 RU-IPMAGNAT-20230707 (Mikhail Tonkonog)
 2a13:8e40::/29 RU-OFORO-20230712 (Bykov Roman Andreevich)
@@ -2167,9 +2154,6 @@
 2a14:380::/29 RU-TERMINAL-20231127 (JSC SHEREMETYEVO INTERNATIONAL AIRPORT)
 2a14:9c0::/29 RU-DOMOLAN-20240220 (DomoLAN Ltd.)
 2a14:1280::/29 RU-FIRSTDC-20231204 (Perviy TSOD LLC)
-2a14:1580::/29 RU-RIPE8-20231205 (Dmitrii Aleksandrovich Miasnikov)
-2a14:1680::/29 RU-RIPE8-20231205 (Dmitrii Aleksandrovich Miasnikov)
-2a14:1780::/29 RU-RIPE8-20231205 (Dmitrii Aleksandrovich Miasnikov)
 2a14:1f40::/32 RU-MOVETEL-20240314 (Movetel LTD)
 2a14:1fc0::/32 RU-NVTELECOM-20240315 (NV Telecom LLC)
 2a14:25c0::/29 RU-DTP-20240320 (Digital Transformation Plus LLC)

blacklists/blacklist-v6.txt

@@ -1,25 +0,0 @@
-2a00:1148::/29
-2a00:1148::/32
-2a00:46e0:2::/48
-2a00:46e0::/32
-2a00:a300::/32
-2a00:b4c0::/32
-2a00:bdc0:8000::/34
-2a00:bdc0::/33
-2a00:bdc0:c000::/35
-2a00:bdc0:e002::/48
-2a00:bdc0:e003::/48
-2a00:bdc0:e004::/48
-2a00:bdc0:e005::/48
-2a00:bdc0:e007::/48
-2a00:bdc0:f000::/36
-2a00:bdc1::/32
-2a00:bdc2::/31
-2a00:bdc4::/30
-2a0c:a9c7:156::/48
-2a0c:a9c7:157::/48
-2a0c:a9c7:158::/48
-2a14:25c0::/32
-2a14:25c5::/32
-2a14:25c6::/32
-2a14:25c7::/32

blacklists_iptables/README.md

@@ -1,109 +0,0 @@
-# IPTables/IPSet Blacklist Configurations
-
-Auto-generated ipset configuration files for blocking networks and IP addresses with iptables/ip6tables.
-
-## Available Files
-
-### IPv4 Only
-
-- **`blacklist-v4.ipset`** - Contains only IPv4 networks (806 entries)
-
-### IPv6 Only
-
-- **`blacklist-v6.ipset`** - Contains only IPv6 networks (3 entries)
-
-### Mixed IPv4/IPv6
-
-- **`blacklist.ipset`** - Contains both IPv4 and IPv6 sets (809 total entries)
-
-## Usage
-
-### 1. Load the IPSet
-
-```bash
-# For IPv4 only
-ipset restore < blacklist-v4.ipset
-
-# For IPv6 only
-ipset restore < blacklist-v6.ipset
-
-# For both IPv4 and IPv6 (loads both sets)
-ipset restore < blacklist.ipset
-```
-
-### 2. Apply IPTables Rules
-
-```bash
-# For IPv4
-iptables -I INPUT -m set --match-set blacklist-v4 src -j DROP
-iptables -I FORWARD -m set --match-set blacklist-v4 src -j DROP
-
-# For IPv6
-ip6tables -I INPUT -m set --match-set blacklist-v6 src -j DROP
-ip6tables -I FORWARD -m set --match-set blacklist-v6 src -j DROP
-```
-
-### 3. Persist Rules (Optional)
-
-To make the rules persistent across reboots:
-
-**On Debian/Ubuntu:**
-
-```bash
-# Save iptables rules
-iptables-save > /etc/iptables/rules.v4
-ip6tables-save > /etc/iptables/rules.v6
-
-# Save ipset
-ipset save > /etc/ipset.conf
-```
-
-**On RHEL/CentOS:**
-
-```bash
-# Save iptables rules
-service iptables save
-service ip6tables save
-
-# Save ipset
-ipset save > /etc/sysconfig/ipset
-```
-
-### 4. Update Existing Sets
-
-To update the blacklist without restarting iptables:
-
-```bash
-# Flush and reload
-ipset flush blacklist-v4
-ipset restore < blacklist-v4.ipset
-```
-
-### 5. Remove Sets
-
-```bash
-# Remove IPv4 set
-ipset flush blacklist-v4
-ipset destroy blacklist-v4
-
-# Remove IPv6 set
-ipset flush blacklist-v6
-ipset destroy blacklist-v6
-```
-
-## Performance Benefits
-
-IPSet uses hash tables for O(1) lookup performance, making it ideal for large blacklists:
-
-- Much faster than individual iptables rules
-- Minimal CPU overhead
-- Supports up to 65536 entries per set (configurable)
-- Kernel-level implementation for maximum efficiency
-
-## Automatic Updates
-
-These files are automatically regenerated when the blacklists are updated via the GitHub Actions workflow.
-
-## Source
-
-Generated from the blacklist files in the `blacklists/` directory.

blacklists_iptables/blacklist-v6.ipset

@@ -1,43 +0,0 @@
-# IPSet blacklist configuration (IPv6 only)
-# Auto-generated from blacklist-v6.txt
-# Last updated: 2025-12-31 06:24:51 UTC
-#
-# Usage:
-#   1. Load the ipset:
-#      ipset restore < blacklist-v6.ipset
-#
-#   2. Use with iptables/ip6tables:
-#      iptables -I INPUT -m set --match-set blacklist-v6 src -m conntrack --ctstate NEW -j DROP
-#      iptables -I FORWARD -m set --match-set blacklist-v6 src -m conntrack --ctstate NEW -j DROP
-#
-#   3. To flush/delete the set:
-#      ipset flush blacklist-v6
-#      ipset destroy blacklist-v6
-#
-
-create blacklist-v6 hash:net family inet6 hashsize 1024 maxelem 50
-add blacklist-v6 2a00:1148::/29
-add blacklist-v6 2a00:1148::/32
-add blacklist-v6 2a00:46e0:2::/48
-add blacklist-v6 2a00:46e0::/32
-add blacklist-v6 2a00:a300::/32
-add blacklist-v6 2a00:b4c0::/32
-add blacklist-v6 2a00:bdc0:8000::/34
-add blacklist-v6 2a00:bdc0::/33
-add blacklist-v6 2a00:bdc0:c000::/35
-add blacklist-v6 2a00:bdc0:e002::/48
-add blacklist-v6 2a00:bdc0:e003::/48
-add blacklist-v6 2a00:bdc0:e004::/48
-add blacklist-v6 2a00:bdc0:e005::/48
-add blacklist-v6 2a00:bdc0:e007::/48
-add blacklist-v6 2a00:bdc0:f000::/36
-add blacklist-v6 2a00:bdc1::/32
-add blacklist-v6 2a00:bdc2::/31
-add blacklist-v6 2a00:bdc4::/30
-add blacklist-v6 2a0c:a9c7:156::/48
-add blacklist-v6 2a0c:a9c7:157::/48
-add blacklist-v6 2a0c:a9c7:158::/48
-add blacklist-v6 2a14:25c0::/32
-add blacklist-v6 2a14:25c5::/32
-add blacklist-v6 2a14:25c6::/32
-add blacklist-v6 2a14:25c7::/32

blacklists_nginx/README.md

@@ -1,302 +0,0 @@
-# Nginx Blacklist Configurations
-
-Auto-generated nginx configuration files for blocking networks and IP addresses.
-
-## Available Files
-
-### Mixed IPv4/IPv6
-
-- **`blacklist.conf`** - Contains both IPv4 and IPv6 deny rules (809 entries)
-
-### IPv4 Only
-
-- **`blacklist-v4.conf`** - Contains only IPv4 deny rules (806 entries)
-
-### IPv6 Only
-
-- **`blacklist-v6.conf`** - Contains only IPv6 deny rules (3 entries)
-
-## Usage
-
-### Basic Usage
-
-Include the desired configuration file in your nginx `server` or `location` block:
-
-```nginx
-server {
-    listen 80;
-    server_name example.com;
-
-    # Include the blacklist
-    include /path/to/blacklist.conf;
-
-    location / {
-        # your configuration
-    }
-}
-```
-
-### Separate IPv4/IPv6 Files
-
-For more granular control, use separate files:
-
-```nginx
-server {
-    listen 80;
-    listen [::]:80;
-    server_name example.com;
-
-    # Include both IPv4 and IPv6 blacklists
-    include /path/to/blacklist-v4.conf;
-    include /path/to/blacklist-v6.conf;
-
-    location / {
-        # your configuration
-    }
-}
-```
-
-### HTTP Block Level
-
-Apply the blacklist globally to all virtual hosts:
-
-```nginx
-http {
-    # Apply blacklist globally
-    include /path/to/blacklist.conf;
-
-    server {
-        listen 80;
-        server_name example.com;
-        # ...
-    }
-
-    server {
-        listen 80;
-        server_name another.com;
-        # ...
-    }
-}
-```
-
-### Location Block Level
-
-For selective blocking within specific locations:
-
-```nginx
-server {
-    listen 80;
-    server_name example.com;
-
-    location /admin {
-        # Apply blacklist only to admin area
-        include /path/to/blacklist.conf;
-        # ...
-    }
-
-    location /public {
-        # Public area without blacklist
-        # ...
-    }
-}
-```
-
-## Testing Configuration
-
-After adding the blacklist, always test your nginx configuration:
-
-```bash
-# Test configuration
-nginx -t
-
-# Reload nginx if test passes
-nginx -s reload
-# or
-systemctl reload nginx
-```
-
-## Custom Response
-
-By default, denied IPs receive a connection drop. To customize the response:
-
-```nginx
-server {
-    listen 80;
-    server_name example.com;
-
-    # Return custom error page
-    error_page 403 /403.html;
-
-    include /path/to/blacklist.conf;
-
-    location = /403.html {
-        root /usr/share/nginx/html;
-        internal;
-    }
-}
-```
-
-Note: For large blacklists, using `deny` directives (as in these files) is more efficient than `if` statements.
-
-## Performance Considerations
-
-- **Deny directives** are processed in order and stop at the first match
-- For optimal performance, most frequently matched IPs should be at the top
-- Current files are sorted for consistency
-- Nginx handles hundreds of deny rules efficiently
-- For very large blacklists (10,000+ entries), consider using:
-  - Nginx GeoIP2 module for geographic blocking
-  - nftables/iptables at the firewall level for better performance
-  - Stream module for TCP/UDP level blocking
-
-## Integration Examples
-
-### Docker Deployment
-
-```dockerfile
-FROM nginx:alpine
-
-# Copy blacklist
-COPY blacklist.conf /etc/nginx/blacklist.conf
-
-# Copy nginx config that includes the blacklist
-COPY nginx.conf /etc/nginx/nginx.conf
-
-EXPOSE 80 443
-CMD ["nginx", "-g", "daemon off;"]
-```
-
-### Kubernetes ConfigMap
-
-```yaml
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: nginx-blacklist
-data:
-  blacklist.conf: |
-    # Include blacklist content here
-    deny 109.124.119.88/29;
-    deny 109.124.66.128/30;
-    # ...
-```
-
-### Automated Updates
-
-Set up a cron job to automatically fetch the latest blacklist:
-
-```bash
-#!/bin/bash
-# /etc/cron.daily/update-nginx-blacklist
-
-# Download latest blacklist
-wget -q https://raw.githubusercontent.com/C24Be/AS_Network_List/main/blacklists_nginx/blacklist.conf \
-  -O /etc/nginx/blacklist.conf.new
-
-# Test nginx configuration
-nginx -t -c /etc/nginx/nginx.conf
-
-# If test passes, reload nginx
-if [ $? -eq 0 ]; then
-    mv /etc/nginx/blacklist.conf.new /etc/nginx/blacklist.conf
-    systemctl reload nginx
-    echo "Blacklist updated successfully"
-else
-    rm /etc/nginx/blacklist.conf.new
-    echo "Nginx config test failed, blacklist not updated"
-fi
-```
-
-## Logging Blocked Requests
-
-To log denied requests:
-
-```nginx
-server {
-    listen 80;
-    server_name example.com;
-
-    # Custom log format for denied IPs
-    log_format blocked '$remote_addr - $remote_user [$time_local] '
-                      '"$request" 403 0 '
-                      '"$http_referer" "$http_user_agent"';
-
-    access_log /var/log/nginx/blocked.log blocked;
-
-    include /path/to/blacklist.conf;
-
-    location / {
-        # your configuration
-    }
-}
-```
-
-## Monitoring
-
-Check how many IPs are being blocked:
-
-```bash
-# Count deny rules
-grep -c "deny" /path/to/blacklist.conf
-
-# Check blocked access logs
-tail -f /var/log/nginx/blocked.log
-
-# Count blocked requests today
-grep "$(date +%d/%b/%Y)" /var/log/nginx/access.log | grep " 403 " | wc -l
-```
-
-## Troubleshooting
-
-### Configuration Test Fails
-
-```bash
-# Check syntax
-nginx -t
-
-# Check for duplicate includes
-grep -r "include.*blacklist" /etc/nginx/
-
-# Verify file permissions
-ls -l /path/to/blacklist.conf
-```
-
-### Legitimate Users Blocked
-
-Check if their IP is in the blacklist:
-
-```bash
-grep "YOUR_IP" /path/to/blacklist.conf
-```
-
-Whitelist specific IPs before applying the blacklist:
-
-```nginx
-server {
-    listen 80;
-    server_name example.com;
-
-    # Whitelist before blacklist
-    allow 192.168.1.100;  # Trusted IP
-
-    # Then apply blacklist
-    include /path/to/blacklist.conf;
-
-    # Deny all others not explicitly allowed
-    # deny all;  # Optional
-}
-```
-
-## Automatic Updates
-
-These files are automatically regenerated daily when the blacklists are updated via the GitHub Actions workflow.
-
-## Source
-
-Generated from the blacklist files in the `blacklists/` directory by `blacklists_updater_nginx.sh`.
-
-## See Also
-
-- [IPTables/IPSet Format](../blacklists_iptables/README.md) - For firewall-level blocking
-- [Text Format](../blacklists/README.md) - For custom integrations
-- [Main Repository](https://github.com/C24Be/AS_Network_List) - Complete documentation

blacklists_nginx/blacklist-v6.conf

@@ -1,34 +0,0 @@
-# Nginx blacklist configuration (IPv6 only)
-# Auto-generated from blacklist-v6.txt
-# Last updated: 2025-12-31 06:24:51 UTC
-#
-# Usage: Include this file in your nginx server or location block:
-#   include /path/to/blacklist-v6.conf;
-#
-
-deny 2a00:1148::/29;
-deny 2a00:1148::/32;
-deny 2a00:46e0:2::/48;
-deny 2a00:46e0::/32;
-deny 2a00:a300::/32;
-deny 2a00:b4c0::/32;
-deny 2a00:bdc0:8000::/34;
-deny 2a00:bdc0::/33;
-deny 2a00:bdc0:c000::/35;
-deny 2a00:bdc0:e002::/48;
-deny 2a00:bdc0:e003::/48;
-deny 2a00:bdc0:e004::/48;
-deny 2a00:bdc0:e005::/48;
-deny 2a00:bdc0:e007::/48;
-deny 2a00:bdc0:f000::/36;
-deny 2a00:bdc1::/32;
-deny 2a00:bdc2::/31;
-deny 2a00:bdc4::/30;
-deny 2a0c:a9c7:156::/48;
-deny 2a0c:a9c7:157::/48;
-deny 2a0c:a9c7:158::/48;
-deny 2a14:25c0::/32;
-deny 2a14:25c5::/32;
-deny 2a14:25c6::/32;
-deny 2a14:25c7::/32;
-

blacklists_updater_iptables.sh

@@ -1,19 +1,46 @@
 #!/bin/sh
 
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+
 # Input files (generated by blacklists_updater_txt.sh)
-blacklist_file="blacklists/blacklist.txt"
-blacklist_v4_file="blacklists/blacklist-v4.txt"
-blacklist_v6_file="blacklists/blacklist-v6.txt"
+blacklist_file="${SCRIPT_DIR}/blacklists/blacklist.txt"
+blacklist_v4_file="${SCRIPT_DIR}/blacklists/blacklist-v4.txt"
+blacklist_v6_file="${SCRIPT_DIR}/blacklists/blacklist-v6.txt"
+
+# Source files for name-based VK filtering
+auto_all_v4_file="${SCRIPT_DIR}/auto/all-ru-ipv4.txt"
+auto_all_v6_file="${SCRIPT_DIR}/auto/all-ru-ipv6.txt"
+auto_ripe_v4_file="${SCRIPT_DIR}/auto/ripe-ru-ipv4.txt"
+vk_name_pattern='VK[[:space:]-]*CLOUD|VKCOMPANY|VKONTAKTE'
+
+# Additional VK-only text blacklists
+blacklist_vk_file="${SCRIPT_DIR}/blacklists/blacklist-vk.txt"
+blacklist_vk_v4_file="${SCRIPT_DIR}/blacklists/blacklist-vk-v4.txt"
+blacklist_vk_v6_file="${SCRIPT_DIR}/blacklists/blacklist-vk-v6.txt"
 
 # Output directory and files
-iptables_output_dir="blacklists_iptables"
+iptables_output_dir="${SCRIPT_DIR}/blacklists_iptables"
 iptables_output_file="${iptables_output_dir}/blacklist.ipset"
 iptables_v4_output_file="${iptables_output_dir}/blacklist-v4.ipset"
 iptables_v6_output_file="${iptables_output_dir}/blacklist-v6.ipset"
+iptables_vk_output_file="${iptables_output_dir}/blacklist-vk.ipset"
+iptables_vk_v4_output_file="${iptables_output_dir}/blacklist-vk-v4.ipset"
+iptables_vk_v6_output_file="${iptables_output_dir}/blacklist-vk-v6.ipset"
 
 # Create iptables directory if it doesn't exist
 mkdir -p "${iptables_output_dir}"
 
+# Build additional VK-only blacklist from network names in auto/*.txt files
+tmp_vk_file="$(mktemp "${SCRIPT_DIR}/blacklists/.blacklist-vk.XXXXXX")"
+for source_file in "${auto_all_v4_file}" "${auto_all_v6_file}" "${auto_ripe_v4_file}"; do
+    [ -f "${source_file}" ] || continue
+    awk -v pattern="${vk_name_pattern}" 'BEGIN { IGNORECASE = 1 } $0 ~ pattern { print $1 }' "${source_file}" >> "${tmp_vk_file}"
+done
+sort -u "${tmp_vk_file}" > "${blacklist_vk_file}"
+grep ':' "${blacklist_vk_file}" | sort -u > "${blacklist_vk_v6_file}" || true
+grep -v ':' "${blacklist_vk_file}" | sort -u > "${blacklist_vk_v4_file}" || true
+rm -f "${tmp_vk_file}"
+
 # Function to generate ipset config from input file
 generate_ipset_config() {
     local input_file="$1"
@@ -21,6 +48,19 @@ generate_ipset_config() {
     local ip_version="$3"
     local set_name="$4"
     local family="$5"
+    local iptables_cmd="iptables"
+    local rule_primary=""
+    local rule_secondary=""
+
+    [ "${family}" = "inet6" ] && iptables_cmd="ip6tables"
+
+    if printf "%s" "${set_name}" | grep -q '^blacklist-vk'; then
+        rule_primary="${iptables_cmd} -I OUTPUT -m set --match-set ${set_name} dst -j REJECT"
+        rule_secondary="${iptables_cmd} -I FORWARD -m set --match-set ${set_name} dst -j REJECT"
+    else
+        rule_primary="${iptables_cmd} -I INPUT -m set --match-set ${set_name} src -m conntrack --ctstate NEW -j DROP"
+        rule_secondary="${iptables_cmd} -I FORWARD -m set --match-set ${set_name} src -m conntrack --ctstate NEW -j DROP"
+    fi
 
     # Count entries for hash size calculation
     local count=$(wc -l < "${input_file}" | tr -d ' ')
@@ -38,8 +78,8 @@ generate_ipset_config() {
 #      ipset restore < $(basename ${output_file})
 #
 #   2. Use with iptables/ip6tables:
-#      iptables -I INPUT -m set --match-set ${set_name} src -m conntrack --ctstate NEW -j DROP
-#      iptables -I FORWARD -m set --match-set ${set_name} src -m conntrack --ctstate NEW -j DROP
+#      ${rule_primary}
+${rule_secondary:+#      ${rule_secondary}}
 #
 #   3. To flush/delete the set:
 #      ipset flush ${set_name}
@@ -63,6 +103,8 @@ EOF
 # Generate ipset configurations from blacklist files
 generate_ipset_config "${blacklist_v4_file}" "${iptables_v4_output_file}" "(IPv4 only)" "blacklist-v4" "inet"
 generate_ipset_config "${blacklist_v6_file}" "${iptables_v6_output_file}" "(IPv6 only)" "blacklist-v6" "inet6"
+generate_ipset_config "${blacklist_vk_v4_file}" "${iptables_vk_v4_output_file}" "(VK names, IPv4 only)" "blacklist-vk-v4" "inet"
+generate_ipset_config "${blacklist_vk_v6_file}" "${iptables_vk_v6_output_file}" "(VK names, IPv6 only)" "blacklist-vk-v6" "inet6"
 
 # For mixed file, we need to create two sets (IPv4 and IPv6) as ipset doesn't support mixed families
 cat > "${iptables_output_file}" << EOF
@@ -94,3 +136,43 @@ tail -n +2 "${iptables_v6_output_file}" | grep -E "^(create|add)" >> "${iptables
 
 echo "✓ Generated (mixed IPv4/IPv6): ${iptables_output_file}"
 echo "  Total entries: $(wc -l < "${blacklist_file}" | tr -d ' ')"
+
+# Generate mixed VK-only ipset file (contains both v4 and v6 sets)
+cat > "${iptables_vk_output_file}" << EOF
+# IPSet blacklist configuration (VK names: VK Cloud / VKCOMPANY / VKONTAKTE)
+# Auto-generated from name-filtered auto/*.txt sources
+# Last updated: $(date -u +"%Y-%m-%d %H:%M:%S UTC")
+#
+# Usage:
+#   1. Load the ipset:
+#      ipset restore < $(basename "${iptables_vk_output_file}")
+#
+#   2. Use with iptables/ip6tables:
+#      iptables -I OUTPUT -m set --match-set blacklist-vk-v4 dst -j REJECT
+#      iptables -I FORWARD -m set --match-set blacklist-vk-v4 dst -j REJECT
+#      ip6tables -I OUTPUT -m set --match-set blacklist-vk-v6 dst -j REJECT
+#      ip6tables -I FORWARD -m set --match-set blacklist-vk-v6 dst -j REJECT
+#
+#   3. To flush/delete the sets:
+#      ipset flush blacklist-vk-v4 && ipset destroy blacklist-vk-v4
+#      ipset flush blacklist-vk-v6 && ipset destroy blacklist-vk-v6
+#
+
+EOF
+
+tail -n +2 "${iptables_vk_v4_output_file}" | grep -E "^(create|add)" >> "${iptables_vk_output_file}"
+echo "" >> "${iptables_vk_output_file}"
+tail -n +2 "${iptables_vk_v6_output_file}" | grep -E "^(create|add)" >> "${iptables_vk_output_file}"
+
+echo "✓ Generated (VK names, mixed IPv4/IPv6): ${iptables_vk_output_file}"
+echo "  Total entries: $(wc -l < "${blacklist_vk_file}" | tr -d ' ')"
+
+echo ""
+echo "VK outgoing block examples (iptables/ipset):"
+echo "  ipset restore < ${iptables_vk_output_file}"
+echo "  iptables -I OUTPUT -m set --match-set blacklist-vk-v4 dst -j REJECT"
+echo "  iptables -I FORWARD -m set --match-set blacklist-vk-v4 dst -j REJECT"
+echo "  ip6tables -I OUTPUT -m set --match-set blacklist-vk-v6 dst -j REJECT"
+echo "  ip6tables -I FORWARD -m set --match-set blacklist-vk-v6 dst -j REJECT"
+echo ""
+echo "Tip: Do not install Messenger MAX on the same phone/device that has VPN access configured."

blacklists_updater_nftables.sh

@@ -0,0 +1,84 @@
+#!/bin/bash
+# Generates nftables blacklist configurations from the main blacklist
+
+set -e
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+INPUT_FILE="$SCRIPT_DIR/blacklists/blacklist.txt"
+OUTPUT_DIR="$SCRIPT_DIR/blacklists_nftables"
+
+# Source files for name-based VK filtering
+AUTO_ALL_V4_FILE="$SCRIPT_DIR/auto/all-ru-ipv4.txt"
+AUTO_ALL_V6_FILE="$SCRIPT_DIR/auto/all-ru-ipv6.txt"
+AUTO_RIPE_V4_FILE="$SCRIPT_DIR/auto/ripe-ru-ipv4.txt"
+VK_NAME_PATTERN='VK[[:space:]-]*CLOUD|VKCOMPANY|VKONTAKTE'
+
+# Additional VK-only text blacklists
+VK_INPUT_FILE="$SCRIPT_DIR/blacklists/blacklist-vk.txt"
+VK_INPUT_V4_FILE="$SCRIPT_DIR/blacklists/blacklist-vk-v4.txt"
+VK_INPUT_V6_FILE="$SCRIPT_DIR/blacklists/blacklist-vk-v6.txt"
+
+# Create output directory if it doesn't exist
+mkdir -p "$OUTPUT_DIR"
+
+echo "Generating nftables blacklists..."
+
+# Build additional VK-only blacklist from network names in auto/*.txt files
+TMP_VK_FILE="$(mktemp "$SCRIPT_DIR/blacklists/.blacklist-vk.XXXXXX")"
+for source_file in "$AUTO_ALL_V4_FILE" "$AUTO_ALL_V6_FILE" "$AUTO_RIPE_V4_FILE"; do
+    [[ -f "$source_file" ]] || continue
+    awk -v pattern="$VK_NAME_PATTERN" 'BEGIN { IGNORECASE = 1 } $0 ~ pattern { print $1 }' "$source_file" >> "$TMP_VK_FILE"
+done
+sort -u "$TMP_VK_FILE" > "$VK_INPUT_FILE"
+grep ':' "$VK_INPUT_FILE" | sort -u > "$VK_INPUT_V6_FILE" || true
+grep -v ':' "$VK_INPUT_FILE" | sort -u > "$VK_INPUT_V4_FILE" || true
+rm -f "$TMP_VK_FILE"
+
+# Generate mixed IPv4/IPv6 blacklist
+python3 "$SCRIPT_DIR/generate_nft_blacklist.py" \
+    "$INPUT_FILE" \
+    "$OUTPUT_DIR/blacklist.nft"
+
+# Generate IPv4-only blacklist
+TMP_V4_FILE="/tmp/blacklist-v4.txt"
+TMP_V6_FILE="/tmp/blacklist-v6.txt"
+grep -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' "$INPUT_FILE" > "$TMP_V4_FILE" || true
+python3 "$SCRIPT_DIR/generate_nft_blacklist.py" \
+    "$TMP_V4_FILE" \
+    "$OUTPUT_DIR/blacklist-v4.nft"
+
+# Generate IPv6-only blacklist
+grep -E '^[0-9a-fA-F:]+:' "$INPUT_FILE" > "$TMP_V6_FILE" || true
+python3 "$SCRIPT_DIR/generate_nft_blacklist.py" \
+    "$TMP_V6_FILE" \
+    "$OUTPUT_DIR/blacklist-v6.nft"
+
+# Generate VK-only blacklists (network names: VK Cloud / VKCOMPANY / VKONTAKTE)
+python3 "$SCRIPT_DIR/generate_nft_blacklist.py" \
+    "$VK_INPUT_FILE" \
+    "$OUTPUT_DIR/blacklist-vk.nft"
+python3 "$SCRIPT_DIR/generate_nft_blacklist.py" \
+    "$VK_INPUT_V4_FILE" \
+    "$OUTPUT_DIR/blacklist-vk-v4.nft"
+python3 "$SCRIPT_DIR/generate_nft_blacklist.py" \
+    "$VK_INPUT_V6_FILE" \
+    "$OUTPUT_DIR/blacklist-vk-v6.nft"
+
+# Clean up temp files
+rm -f "$TMP_V4_FILE" "$TMP_V6_FILE"
+
+echo "nftables blacklists generated successfully!"
+echo ""
+echo "VM incoming block examples (all lists, nftables):"
+echo "  sudo nft -f $OUTPUT_DIR/blacklist.nft"
+echo "  sudo nft add chain inet filter input '{ type filter hook input priority 0; policy accept; }'"
+echo "  sudo nft add rule inet filter input ip saddr @blacklist_v4 counter reject"
+echo "  sudo nft add rule inet filter input ip6 saddr @blacklist_v6 counter reject"
+echo ""
+echo "VK outbound block examples for VPN clients via NAT (nftables):"
+echo "  sudo nft -f $OUTPUT_DIR/blacklist-vk.nft"
+echo "  sudo nft add chain inet filter forward '{ type filter hook forward priority 0; policy accept; }'"
+echo "  sudo nft add rule inet filter forward iifname \"<VPN_IFACE>\" ip daddr @blacklist_v4 counter reject"
+echo "  sudo nft add rule inet filter forward iifname \"<VPN_IFACE>\" ip6 daddr @blacklist_v6 counter reject"
+echo ""
+echo "Tip: Do not install Messenger MAX on the same phone/device that has VPN access configured."

blacklists_updater_routes.sh

@@ -0,0 +1,78 @@
+#!/bin/sh
+
+set -e
+
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+
+# Source files for name-based VK filtering
+AUTO_ALL_V4_FILE="${SCRIPT_DIR}/auto/all-ru-ipv4.txt"
+AUTO_ALL_V6_FILE="${SCRIPT_DIR}/auto/all-ru-ipv6.txt"
+AUTO_RIPE_V4_FILE="${SCRIPT_DIR}/auto/ripe-ru-ipv4.txt"
+VK_NAME_PATTERN='VK[[:space:]-]*CLOUD|VKCOMPANY|VKONTAKTE'
+
+# Additional VK-only text blacklists
+VK_INPUT_FILE="${SCRIPT_DIR}/blacklists/blacklist-vk.txt"
+VK_INPUT_V4_FILE="${SCRIPT_DIR}/blacklists/blacklist-vk-v4.txt"
+VK_INPUT_V6_FILE="${SCRIPT_DIR}/blacklists/blacklist-vk-v6.txt"
+
+# Output directory and files
+ROUTES_OUTPUT_DIR="${SCRIPT_DIR}/blacklists_route"
+ROUTES_V4_FILE="${ROUTES_OUTPUT_DIR}/blacklist-vk-v4.routes"
+ROUTES_V6_FILE="${ROUTES_OUTPUT_DIR}/blacklist-vk-v6.routes"
+
+mkdir -p "${ROUTES_OUTPUT_DIR}" "${SCRIPT_DIR}/blacklists"
+
+echo "Generating VK route blacklists..."
+
+# Build additional VK-only blacklist from network names in auto/*.txt files
+TMP_VK_FILE="$(mktemp "${SCRIPT_DIR}/blacklists/.blacklist-vk.XXXXXX")"
+for source_file in "${AUTO_ALL_V4_FILE}" "${AUTO_ALL_V6_FILE}" "${AUTO_RIPE_V4_FILE}"; do
+	[ -f "${source_file}" ] || continue
+	awk -v pattern="${VK_NAME_PATTERN}" 'BEGIN { IGNORECASE = 1 } $0 ~ pattern { print $1 }' "${source_file}" >> "${TMP_VK_FILE}"
+done
+
+sort -u "${TMP_VK_FILE}" > "${VK_INPUT_FILE}"
+grep ':' "${VK_INPUT_FILE}" | sort -u > "${VK_INPUT_V6_FILE}" || true
+grep -v ':' "${VK_INPUT_FILE}" | sort -u > "${VK_INPUT_V4_FILE}" || true
+rm -f "${TMP_VK_FILE}"
+
+# Generate IPv4 routes file (route VK prefixes to loopback via 127.0.0.1)
+cat > "${ROUTES_V4_FILE}" << EOF
+# Linux routes for VK networks (IPv4)
+# Auto-generated by $(basename "$0")
+# Last updated: $(date -u +"%Y-%m-%d %H:%M:%S UTC")
+#
+# Apply:
+#   sudo sh $(basename "${ROUTES_V4_FILE}")
+#
+
+EOF
+
+while IFS= read -r network; do
+	[ -n "${network}" ] || continue
+	printf 'ip route replace %s via 127.0.0.1 dev lo onlink\n' "${network}" >> "${ROUTES_V4_FILE}"
+done < "${VK_INPUT_V4_FILE}"
+
+# Generate IPv6 routes file (route VK prefixes to loopback via ::1)
+cat > "${ROUTES_V6_FILE}" << EOF
+# Linux routes for VK networks (IPv6)
+# Auto-generated by $(basename "$0")
+# Last updated: $(date -u +"%Y-%m-%d %H:%M:%S UTC")
+#
+# Apply:
+#   sudo sh $(basename "${ROUTES_V6_FILE}")
+#
+
+EOF
+
+while IFS= read -r network; do
+	[ -n "${network}" ] || continue
+	printf 'ip -6 route replace %s via ::1 dev lo\n' "${network}" >> "${ROUTES_V6_FILE}"
+done < "${VK_INPUT_V6_FILE}"
+
+echo "✓ Generated: ${ROUTES_V4_FILE} (entries: $(wc -l < "${VK_INPUT_V4_FILE}" | tr -d ' '))"
+echo "✓ Generated: ${ROUTES_V6_FILE} (entries: $(wc -l < "${VK_INPUT_V6_FILE}" | tr -d ' '))"
+echo ""
+echo "Examples:"
+echo "  sudo sh ${ROUTES_V4_FILE}"
+echo "  sudo sh ${ROUTES_V6_FILE}"

check_nft_blacklist.py

@@ -0,0 +1,113 @@
+#!/usr/bin/env python3
+"""
+check_nft_blacklist.py
+Checks if an IP address is in the nftables blacklist configuration.
+Usage:
+  check_nft_blacklist.py nft_bl.conf 192.168.1.1
+  check_nft_blacklist.py nft_bl.conf 2001:db8::1
+"""
+
+import sys
+import re
+from ipaddress import ip_address, ip_network, AddressValueError
+from pathlib import Path
+
+def parse_nft_config(config_path):
+    """Extract IPv4 and IPv6 prefixes from nftables config."""
+    p = Path(config_path)
+    if not p.exists():
+        raise FileNotFoundError(f"Config file not found: {config_path}")
+    
+    content = p.read_text(encoding="utf-8")
+    v4_prefixes = []
+    v6_prefixes = []
+    
+    # Parse IPv4 set (blacklist_v4)
+    v4_match = re.search(
+        r'set blacklist_v4\s*\{[^}]*elements\s*=\s*\{([^}]+)\}',
+        content,
+        re.DOTALL
+    )
+    if v4_match:
+        elements = v4_match.group(1)
+        # Extract all CIDR notations
+        for match in re.finditer(r'(\d+\.\d+\.\d+\.\d+(?:/\d+)?)', elements):
+            try:
+                v4_prefixes.append(ip_network(match.group(1), strict=False))
+            except Exception as e:
+                print(f"Warning: Could not parse IPv4 prefix '{match.group(1)}': {e}", file=sys.stderr)
+    
+    # Parse IPv6 set (blacklist_v6)
+    v6_match = re.search(
+        r'set blacklist_v6\s*\{[^}]*elements\s*=\s*\{([^}]+)\}',
+        content,
+        re.DOTALL
+    )
+    if v6_match:
+        elements = v6_match.group(1)
+        # Extract all IPv6 CIDR notations
+        for match in re.finditer(r'([0-9a-fA-F:]+(?:/\d+)?)', elements):
+            try:
+                v6_prefixes.append(ip_network(match.group(1), strict=False))
+            except Exception as e:
+                # Skip false matches from comments or other text
+                pass
+    
+    return v4_prefixes, v6_prefixes
+
+def check_ip_in_blacklist(ip_addr, v4_prefixes, v6_prefixes):
+    """Check if IP address is in any of the blacklist prefixes."""
+    try:
+        addr = ip_address(ip_addr)
+    except AddressValueError as e:
+        raise ValueError(f"Invalid IP address: {ip_addr} ({e})")
+    
+    prefixes = v4_prefixes if addr.version == 4 else v6_prefixes
+    
+    for prefix in prefixes:
+        if addr in prefix:
+            return True, prefix
+    
+    return False, None
+
+def main(argv):
+    if len(argv) < 3:
+        print("Usage: python3 check_nft_blacklist.py <nft_config.conf> <ip_address>")
+        print("Examples:")
+        print("  check_nft_blacklist.py nft_bl.conf 192.168.1.1")
+        print("  check_nft_blacklist.py nft_bl.conf 2001:db8::1")
+        return 2
+    
+    config_file = argv[1]
+    ip_to_check = argv[2]
+    
+    # Parse the nftables config
+    try:
+        print(f"Loading blacklist from: {config_file}")
+        v4_prefixes, v6_prefixes = parse_nft_config(config_file)
+        print(f"Loaded {len(v4_prefixes)} IPv4 prefixes and {len(v6_prefixes)} IPv6 prefixes")
+    except Exception as e:
+        print(f"ERROR: Could not parse config file: {e}", file=sys.stderr)
+        return 3
+    
+    # Check if IP is in blacklist
+    try:
+        is_blocked, matching_prefix = check_ip_in_blacklist(ip_to_check, v4_prefixes, v6_prefixes)
+        
+        print(f"\nChecking IP: {ip_to_check}")
+        print("-" * 50)
+        
+        if is_blocked:
+            print(f"✗ BLOCKED - IP is in blacklist")
+            print(f"  Matching prefix: {matching_prefix}")
+            return 1
+        else:
+            print(f"✓ OK - IP is NOT in blacklist")
+            return 0
+            
+    except ValueError as e:
+        print(f"ERROR: {e}", file=sys.stderr)
+        return 4
+
+if __name__ == "__main__":
+    sys.exit(main(sys.argv))

generate_nft_blacklist.py

@@ -0,0 +1,155 @@
+#!/usr/bin/env python3
+"""
+generate_nft_blacklist.py
+Reads prefixes from a file or stdin, aggregates them and writes nftables config.
+Uses named sets for efficient blacklist management.
+Usage:
+  git clone https://github.com/C24Be/AS_Network_List.git
+  generate_nft_blacklist.py ./AS_Network_List/blacklists/blacklist.txt nft_bl.conf
+  cp nft_bl.conf /etc/nftables.d/
+  systemctl restart nftables
+"""
+
+import sys
+from ipaddress import ip_network, collapse_addresses
+from pathlib import Path
+from datetime import datetime
+
+def read_lines(path_or_dash):
+    if path_or_dash == "-":
+        print("Reading prefixes from STDIN...")
+        return [ln.rstrip("\n") for ln in sys.stdin]
+    p = Path(path_or_dash)
+    if not p.exists():
+        raise FileNotFoundError(f"Input file not found: {path_or_dash}")
+    text = p.read_text(encoding="utf-8")
+    return text.splitlines()
+
+def aggregate_prefixes(lines):
+    v4, v6, invalid = [], [], []
+    for lineno, ln in enumerate(lines, start=1):
+        s = ln.strip()
+        if not s or s.startswith("#"):
+            continue
+        try:
+            net = ip_network(s, strict=False)
+            if net.version == 4:
+                v4.append(net)
+            else:
+                v6.append(net)
+        except Exception as e:
+            invalid.append((lineno, s, str(e)))
+    agg_v4 = list(collapse_addresses(sorted(v4, key=lambda x: (int(x.network_address), x.prefixlen))))
+    agg_v6 = list(collapse_addresses(sorted(v6, key=lambda x: (int(x.network_address), x.prefixlen))))
+    return agg_v4, agg_v6, invalid
+
+def make_nft_config(agg_v4, agg_v6, comment=None):
+    lines = []
+    lines.append("# Autogenerated nftables blacklist")
+    lines.append(f"# Generated: {datetime.utcnow().isoformat()}Z")
+    if comment:
+        lines.append(f"# {comment}")
+    lines.append(f"# IPv4: {len(agg_v4)}, IPv6: {len(agg_v6)}")
+    lines.append("")
+    lines.append("table inet filter {")
+    lines.append("")
+    
+    # Define IPv4 blacklist set
+    lines.append("    set blacklist_v4 {")
+    lines.append("        type ipv4_addr")
+    lines.append("        flags interval")
+    if agg_v4:
+        lines.append("        elements = {")
+        for i, net in enumerate(agg_v4):
+            comma = "," if i < len(agg_v4) - 1 else ""
+            lines.append(f"            {net.with_prefixlen}{comma}")
+        lines.append("        }")
+    lines.append("    }")
+    lines.append("")
+    
+    # Define IPv6 blacklist set
+    lines.append("    set blacklist_v6 {")
+    lines.append("        type ipv6_addr")
+    lines.append("        flags interval")
+    if agg_v6:
+        lines.append("        elements = {")
+        for i, net in enumerate(agg_v6):
+            comma = "," if i < len(agg_v6) - 1 else ""
+            lines.append(f"            {net.with_prefixlen}{comma}")
+        lines.append("        }")
+    lines.append("    }")
+    lines.append("")
+    
+    # Define input chain with set lookups
+    lines.append("    chain input {")
+    lines.append("        type filter hook input priority 0;")
+    lines.append("        policy accept;")
+    lines.append("")
+    lines.append("        ct state { established, related } accept")
+    lines.append("")
+    if agg_v4:
+        lines.append("        ip saddr @blacklist_v4 counter drop")
+    if agg_v6:
+        lines.append("        ip6 saddr @blacklist_v6 counter drop")
+    lines.append("    }")
+    lines.append("}")
+    return "\n".join(lines)
+
+def write_output(outpath, content):
+    if outpath == "-":
+        print(content)
+        return
+    p = Path(outpath)
+    p.write_text(content, encoding="utf-8")
+    p.chmod(0o644)
+    print(f"Wrote nft config to: {p} (size: {p.stat().st_size} bytes)")
+
+def main(argv):
+    if len(argv) < 3:
+        print("Usage: python3 generate_nft_blacklist.py input.txt output.conf")
+        print("Use '-' as input or output to mean STDIN/STDOUT respectively.")
+        return 2
+
+    infile, outfile = argv[1], argv[2]
+    try:
+        lines = read_lines(infile)
+    except Exception as e:
+        print(f"ERROR reading input: {e}", file=sys.stderr)
+        return 3
+
+    if not any(line.strip() and not line.strip().startswith("#") for line in lines):
+        print("WARNING: input contains no prefixes (empty or only comments). Nothing to aggregate.")
+        nft_conf = make_nft_config([], [], comment="Empty input produced no prefixes")
+        write_output(outfile, nft_conf)
+        return 0
+
+    agg_v4, agg_v6, invalid = aggregate_prefixes(lines)
+
+    if invalid:
+        print("Some lines could not be parsed (line, text, error):")
+        for ln, txt, err in invalid:
+            print(f"  {ln}: '{txt}' --> {err}", file=sys.stderr)
+
+    print(f"Aggregated IPv4 prefixes: {len(agg_v4)}")
+    for n in agg_v4:
+        print("  v4:", n)
+    print(f"Aggregated IPv6 prefixes: {len(agg_v6)}")
+    for n in agg_v6:
+        print("  v6:", n)
+
+    nft_conf = make_nft_config(agg_v4, agg_v6, comment=f"Source: {infile}")
+    try:
+        write_output(outfile, nft_conf)
+    except Exception as e:
+        print(f"ERROR writing output: {e}", file=sys.stderr)
+        return 4
+
+    print("Done.")
+    print("Load with: sudo nft -f <output.conf>")
+    print("View counters: sudo nft list chain inet filter input -a")
+    print("View sets: sudo nft list set inet filter blacklist_v4")
+    print("           sudo nft list set inet filter blacklist_v6")
+    return 0
+
+if __name__ == "__main__":
+    sys.exit(main(sys.argv))