+ routes

* Update 2026.03.01 01:07:56

* Update 2026.03.01 04:25:44

* Update 2026.03.01 06:01:46

* Update 2026.03.01 06:15:37

* Update 2026.03.01 06:23:34

* Update 2026.03.01 07:44:01

* Update 2026.03.01 08:02:08

* Update 2026.03.01 08:06:50

---------

Co-authored-by: C24Be <C24Be@github.com>

.github/workflows/update_blacklists.yml

@@ -32,6 +32,8 @@ jobs:
       - run: ./blacklists_updater_txt.sh
       - run: ./blacklists_updater_nginx.sh
       - run: ./blacklists_updater_iptables.sh
+      - run: ./blacklists_updater_nftables.sh
+      - run: ./blacklists_updater_routes.sh
       - uses: ./.github/actions/gitPush
         env:
-          PUSH_FILES: blacklists/ blacklists_nginx/ blacklists_iptables/
+          PUSH_FILES: blacklists/ blacklists_nginx/ blacklists_iptables/ blacklists_nftables/

.github/workflows/update_nftables.yml

@@ -0,0 +1,33 @@
+name: Update nftables Blacklists
+
+on:
+  schedule:
+    - cron: '30 2 * * *'  # Daily at 02:30 UTC
+  workflow_dispatch:
+
+jobs:
+  update-nftables:
+    runs-on: ubuntu-latest
+    
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+      
+    - name: Set up Python
+      uses: actions/setup-python@v5
+      with:
+        python-version: '3.x'
+        
+    - name: Generate nftables blacklists
+      run: |
+        chmod +x blacklists_updater_nftables.sh
+        ./blacklists_updater_nftables.sh
+        
+    - name: Commit and push if changed
+      run: |
+        git config --local user.email "github-actions[bot]@users.noreply.github.com"
+        git config --local user.name "github-actions[bot]"
+        git add blacklists_nftables/
+        git diff --quiet && git diff --staged --quiet || \
+          (git commit -m "Auto-update nftables blacklists [skip ci]" && git push)
+

README.md

@@ -2,6 +2,11 @@
 
 ### Blacklists are updated daily!
 
+> [!IMPORTANT]
+> A very important feature has been added: dedicated lists of VK Cloud / VK networks that can be used to block **OUTGOING** traffic from your server (iptables/ipset and nftables formats are available).
+> This can help reduce the risk of Messenger MAX being used to compromise your VPN server.
+> The best security option is to avoid installing Messenger MAX at all on a phone where VPN access is configured.
+
 This repository contains Python scripts that allow you to retrieve network lists based on either an Autonomous System (AS) name or a Network name. Also you can download and parse the whole RIPE database to get information about Networks for the further analysis.
 
 **Ready-to-use blacklists in multiple formats:**
@@ -9,6 +14,8 @@ This repository contains Python scripts that allow you to retrieve network lists
 - [Text blacklists in `blacklists/`](https://github.com/C24Be/AS_Network_List/tree/main/blacklists) - Plain text format with IPv4/IPv6 separation
 - [Nginx configurations in `blacklists_nginx/`](https://github.com/C24Be/AS_Network_List/tree/main/blacklists_nginx) - Ready to include in your nginx config
 - [IPTables/IPSet files in `blacklists_iptables/`](https://github.com/C24Be/AS_Network_List/tree/main/blacklists_iptables) - Optimized for iptables with ipset
+- [nftables files in `blacklists_nftables/`](https://github.com/C24Be/AS_Network_List/tree/main/blacklists_nftables) - Ready-to-load sets and rules for nftables
+- [Linux route files in `blacklists_route/`](https://github.com/C24Be/AS_Network_List/tree/main/blacklists_route) - VK route blackholes to loopback (IPv4/IPv6)
 - [Other network and ASN lists in `auto/`](https://github.com/C24Be/AS_Network_List/tree/main/auto) - Comprehensive Russian network data
 
 ## Files and features
@@ -20,12 +27,16 @@ This repository contains Python scripts that allow you to retrieve network lists
 - `get_info_from_ripe.py`: Retrieves information about Russian AS numbers and Networks from RIPE database for the further analysis.
 - `get_description.py`: Retrieves network names, AS names and organisation names from RIPE. Updates the lists in the folder `auto/`.
 - `parse_ripe_db.py`: Parses the whole RIPE database to get information about Networks for the further analysis.
+- `generate_nft_blacklist.py`: Takes text blacklist on the input and generates nftables config with sets.
+- `check_nft_blacklist.py`: Checks IPv4/IPv6 address against generated nftables config.
 
 ### Blacklist Generators
 
 - `blacklists_updater_txt.sh`: Generates text-based blacklists with IPv4/IPv6 separation
 - `blacklists_updater_nginx.sh`: Generates nginx configuration files with deny directives
 - `blacklists_updater_iptables.sh`: Generates ipset configuration files for iptables/ip6tables
+- `blacklists_updater_nftables.sh`: Generates nftables blacklist files (mixed/v4/v6 and VK-specific)
+- `blacklists_updater_routes.sh`: Generates Linux route files to send VK networks to loopback (`127.0.0.1` / `::1`)
 
 ### Generated Blacklists
 
@@ -50,6 +61,22 @@ This repository contains Python scripts that allow you to retrieve network lists
 - `blacklist-v6.ipset`: IPSet configuration for IPv6 only (**daily generated**)
 - `README.md`: Complete usage documentation for iptables integration
 
+**nftables Format** (`blacklists_nftables/` folder):
+
+* `blacklist.nft`: nftables configuration for mixed IPv4/IPv6 (**daily generated**)
+* `blacklist-v4.nft`: nftables configuration for IPv4 only (**daily generated**)
+* `blacklist-v6.nft`: nftables configuration for IPv6 only (**daily generated**)
+* `blacklist-vk.nft`: nftables configuration for VK-only networks (**daily generated**)
+* `blacklist-vk-v4.nft`: nftables configuration for VK-only IPv4 networks (**daily generated**)
+* `blacklist-vk-v6.nft`: nftables configuration for VK-only IPv6 networks (**daily generated**)
+* `README.md`: Complete usage documentation for nftables integration
+
+**Linux Routes Format** (`blacklists_route/` folder):
+
+* `blacklist-vk-v4.routes`: IPv4 routes for VK-only networks to `127.0.0.1` via `lo` (**daily generated**)
+* `blacklist-vk-v6.routes`: IPv6 routes for VK-only networks to `::1` via `lo` (**daily generated**)
+
+
 ### Reference Lists
 
 **Contributors are welcome!**
@@ -90,6 +117,38 @@ iptables -I INPUT -m set --match-set blacklist-v4 src -j DROP
 ip6tables -I INPUT -m set --match-set blacklist-v6 src -j DROP
 ```
 
+**For nftables:**
+````bash
+# Download and load into nftables
+wget https://raw.githubusercontent.com/C24Be/AS_Network_List/main/blacklists_nftables/blacklist.nft
+sudo nft -f blacklist.nft
+
+# Protect VM from incoming blacklist sources
+sudo nft add chain inet filter input '{ type filter hook input priority 0; policy accept; }'
+sudo nft add rule inet filter input ip saddr @blacklist_v4 counter reject
+sudo nft add rule inet filter input ip6 saddr @blacklist_v6 counter reject
+
+# VK-only outbound blocking for VPN clients via NAT/FORWARD
+wget https://raw.githubusercontent.com/C24Be/AS_Network_List/main/blacklists_nftables/blacklist-vk.nft
+sudo nft -f blacklist-vk.nft
+sudo nft add chain inet filter forward '{ type filter hook forward priority 0; policy accept; }'
+sudo nft add rule inet filter forward iifname "<VPN_IFACE>" ip daddr @blacklist_v4 counter reject
+sudo nft add rule inet filter forward iifname "<VPN_IFACE>" ip6 daddr @blacklist_v6 counter reject
+
+# View the loaded rules
+sudo nft list ruleset
+````
+
+**For Linux Routes (VK loopback blackhole):**
+
+```bash
+# Download and apply VK route files
+wget https://raw.githubusercontent.com/C24Be/AS_Network_List/main/blacklists_route/blacklist-vk-v4.routes
+wget https://raw.githubusercontent.com/C24Be/AS_Network_List/main/blacklists_route/blacklist-vk-v6.routes
+sudo sh blacklist-vk-v4.routes
+sudo sh blacklist-vk-v6.routes
+```
+
 **For Custom Applications:**
 
 ```bash
@@ -183,6 +242,20 @@ See the README files in each folder for detailed usage instructions.
     ./network_list_from_netname.py --help
     ```
 
+### `generate_nft_blacklist.py`
+1. Generate nftables config from blacklist:
+
+    ```bash
+    ./generate_nft_blacklist.py blacklists/blacklist.txt blacklist.nft
+    ```
+
+### `check_nft_blacklist.py`
+1. Check IP address against generated config:
+
+    ```bash
+    ./check_nft_blacklist.py blacklist.nft 77.37.166.239
+    ```
+
 ## Screenshots
 
 <img width="320" alt="image" src="https://github.com/C24Be/AS_Network_List/assets/153936414/71bd0ed4-0e9b-42f0-8e91-01964ea9b8e1">

auto/all-ru-asn.txt

@@ -33,7 +33,7 @@ AS3277 RUSNET-AS (OOO "NPO FRACTEL")
 AS3284 ServiceCloud-AS (ServiceCloud Ltd.)
 AS3285 HOME-IP (Company Delfa Co. Ltd.)
 AS3287 REDLINE-AS (Dmitry Vyacheslavovich Sharov)
-AS3312 ELEKTRA-AS (IT Energy Service LLC)
+AS3312 ELEKTRA-AS (Rosseti Digital JSC)
 AS3315 UNSPECIFIED (Join-stock company "Internet Exchange"MSK-IX")
 AS3316 RELARN (Join-stock company "Internet Exchange"MSK-IX")
 AS3325 KFU (Kazan Federal University)
@@ -56,7 +56,7 @@ AS5523 CREDO-TELECOM (JSC "CREDO-TELECOM")
 AS5537 RU-CENTER-AS (JSC "RU-CENTER")
 AS5543 TEST-ASN1 (Joint Stock Company TransTeleCom)
 AS5547 ORTEL-AS (JSC Orient-Telecom)
-AS5548 RUT-MIIT-AS (Federal State Budget Educational Establishment of Higher Education "Russian University Of Transport (MIIT)")
+AS5548 RUT-MIIT-AS (Federalnoe gosudarstvennoe avtonomnoe obrazovatelnoe uchrezhdenie vysshego obrazovaniya "Rossiyskiy Universitet Transporta")
 AS5553 TAMBOVMAN-AS (Federal State Budgetary Educational Institution of Higher Education "Tambov State Technical University")
 AS5563 URAL (JSC "ER-Telecom Holding")
 AS5567 AS5567 (National Research Tomsk Polytechnic University)
@@ -212,7 +212,7 @@ AS9157 SAO-RAS (Federal State Budget Institution The Special Astrophysical Obser
 AS9162 TSTU (The State Educational Institution of Higher Vocational Education "Tambov State Technical University")
 AS9177 MZRTA-AS (RTA Telecom Ltd.)
 AS9203 EVROKONTAKT-STRUSSA-AS (EUROCONTACT VELIKY NOVGOROD LLC)
-AS9206 MAI (Federal State Budgetary Educational Institution of Higher Education Moscow Aviation Institute (National Research University))
+AS9206 MAI (Federal State Autonomous Educational Institution of Higher Education "Moscow Aviation Institute (National Research University)")
 AS12314 TESLATEL-DC-AS (TESLATEL LLC)
 AS12332 PRIMORYE-AS (PJSC Rostelecom)
 AS12335 TARIO (Tario Communications LLC)
@@ -420,7 +420,7 @@ AS21332 NTC-AS (PJSC "Vimpelcom")
 AS21335 DigitOneSPB-AS (JSC "ER-Telecom Holding")
 AS21353 ARTCOMS-AS (JSC "ER-Telecom Holding")
 AS21365 INTELECA-AS (MTS PJSC)
-AS21367 WILAND-AS (Wiland Ltd)
+AS21367 WILAND-AS (TrunkMobile JSC)
 AS21372 telehouse-as (LLC My Telecom)
 AS21375 BNPP-AS (JSC "Concern Rosenergoatom")
 AS21378 CTCTVER (PJSC Rostelecom)
@@ -463,7 +463,6 @@ AS24789 NOVGORODTELECOM-AS (PJSC Rostelecom)
 AS24810 TELESET-KAZAN (PJSC Rostelecom)
 AS24811 KES-AS (Joint Stock Company Kuzbassenergosviaz)
 AS24823 VTB-BANK-AS (VTB Bank (Public Joint-Stock Company))
-AS24832 TCU-COM-AS (LLC "Nauka-Svyaz")
 AS24837 MEGALINK-AS (MegaLink LLC)
 AS24866 Cloud-Megafon (PJSC MegaFon)
 AS24873 ELLINK-AS (PJSC Rostelecom)
@@ -523,7 +522,7 @@ AS25591 BCLAN-AS (BCLan LLC)
 AS25592 NETIS-AS (NETIS Telecom LLC)
 AS25880 Yurgatelekom-AS (Public joint-stock company "RUTELEKOM")
 AS28703 URAL-INTERCARD-AS (PJSC "Vimpelcom")
-AS28709 VKONTAKTE-REGIONAL-CDN (VKontakte Ltd)
+AS28709 VKONTAKTE-REGIONAL-CDN (LLC VK)
 AS28712 ROSBANK ("TBANK" JSC)
 AS28719 HMFES (PJSC Rostelecom)
 AS28734 ATON-AS (Aton LLC)
@@ -731,7 +730,7 @@ AS33888 NCPLG-AS (Federal State Unitary Enterprise "State Scientific-research In
 AS33892 SELS-AS (LLC "Severskelectrosvyaz")
 AS33894 RIKT-AS (MTS PJSC)
 AS33899 RU-HOTLINE-TELECOM-AS (JSC "ER-Telecom Holding")
-AS33902 STARNET-AS (Invest Mobile LLC)
+AS33902 STARNET-AS (ePharmacy LLC)
 AS33903 CROC-AS (Closed Joint Stock Company CROC incorporated)
 AS33904 TELCOMNET-AS (Limited Liability Company "Telcomnet")
 AS33908 Kirovtelecom (AO Kirovtelecom)
@@ -746,7 +745,7 @@ AS34017 ASCNET-AS (FEDERAL STATE BUDGETARY INSTITUTION OF SCIENCES KHABAROVSK FE
 AS34033 S2116-AS (OOO SALON 2116 Electronic Post Office)
 AS34038 COMTEL-TMN-AS (PJSC "Vimpelcom")
 AS34042 MTTELECOM-AS (MT-Telecom LLC)
-AS34047 DGROUP-AS (Bystrov Dmitriy Sergeevich)
+AS34047 DGROUP-AS (LLC Internet-Service)
 AS34052 LOGIKA (OOO NPP Logika)
 AS34085 NICO-BANK-AS (PJSC NICO-BANK)
 AS34098 ZENIT-BANK-AS (PJSC Bank ZENIT)
@@ -966,7 +965,7 @@ AS35816 SEVSTAR (Lancom Ltd.)
 AS35824 COMMASTER-AS (Commaster Ltd.)
 AS35835 KUZDRAV-AS (Public Budget-Funded Health Care Institution "Kemerovo Regional Health Care Research and Information Center")
 AS38917 komtel-as (INTERCOMTEL Limited Company)
-AS38922 WILAND-AS (Wiland Ltd)
+AS38922 WILAND-AS (TrunkMobile JSC)
 AS38928 GLONASS (JSC GLONASS)
 AS38934 PRIDENET-AS (Pride LLC)
 AS38951 TKT-AS (PJSC Rostelecom)
@@ -993,7 +992,7 @@ AS39054 STBUR-AS (PJSC Rostelecom)
 AS39058 STEP-AS (Step Logic LTD)
 AS39061 LAYKA-LTD-AS (Layka Ltd.)
 AS39068 MainTelecom (Main Telecom LLC)
-AS39073 FGKUES-AS (Branch of JSC FGC UES)
+AS39073 FGKUES-AS (PJSC Rosseti)
 AS39087 PAKT-AS (P.A.K.T LLC)
 AS39089 UGLETELECOM-AS (STATE UNITARY ENTERPRISE OF THE DONETSK PEOPLE'S REPUBLIC "UGLETELECOM")
 AS39092 VENA-AS ("Baltica Breweries" LLC)
@@ -1028,7 +1027,7 @@ AS39289 MEGAMAX-AS (OOO "MediaSeti")
 AS39293 RTCENTER-AS (RT Center LLC)
 AS39294 LADA-MEDIA-AS (LADA-MEDIA Ltd.)
 AS39303 C-RETAIL-AS (C-RETAIL LLC)
-AS39304 DV-IX-AS (Chitatehenergy JSC)
+AS39304 DV-IX-AS (JOINT-STOCK COMPANY "MOSCOW ENERGY COMMUNICATION NODE")
 AS39317 AUTOLOCATOR (MegaPage Ltd.)
 AS39321 Gazenergobank (Gazenergobank JSC)
 AS39323 RCUP-AS (GBU SO "TSIFROVOY REGION")
@@ -1143,7 +1142,7 @@ AS41187 NSPK-SBP-AS (National system of payment cards Joint-stock Society)
 AS41190 IDEATELECOM (PJSC Rostelecom)
 AS41209 COMSTAR-VOLGA (MTS PJSC)
 AS41212 Carcade (OOO Carcade)
-AS41217 PNTZ-AS (JSC PNTZ)
+AS41217 PNTZ-AS (PJSC "PIPE METALLURGICAL COMPANY")
 AS41220 BKKVARTAL-AS (Building Service LLC)
 AS41223 CPM-LTD-AS (CPM Ltd.)
 AS41226 SUPERBANK-RU-AS (VTB Bank (Public Joint-Stock Company))
@@ -1250,7 +1249,7 @@ AS41864 Zelobit (ZELOBIT LLC)
 AS41892 RSL-AS (Federal State Budget Institution "Russian State Library")
 AS41895 INFORM-SVYAZ ("INFORM-Svyaz" LTD)
 AS41904 LLC12BIT-AS (LLC 12BIT)
-AS41914 YALTAONLINE (Inna Grigorevna Khoruzhaya)
+AS41914 MKS (Mediacom Svyaz LLC)
 AS41925 IZET-Chelyabinsk (Limited Liability Company Izet Telecom Ural)
 AS41928 ITIS-AS (Olympia Ltd)
 AS41929 SISTEMY-SVYAZI-AS (MTS PJSC)
@@ -1473,7 +1472,7 @@ AS43247 YooMoney-AS ("YooMoney" NBCO LLC)
 AS43264 RTODON-AS (RTO-DON LLC)
 AS43265 RNTelecom (RN Telecom Ltd.)
 AS43267 SEVEREN-MSK-NET (JSC "Severen-Telecom")
-AS43270 SAFECITY-AS (Ryabikov Ivan)
+AS43270 IT-TELECOM-AS (Ryabikov Ivan)
 AS43273 OPTIKLINE-AS (Optik Line LLC)
 AS43274 TELEOS-1-AS (Teleradiocompany Teleos-1 Ltd)
 AS43275 UNET-AS (PJSC "Vimpelcom")
@@ -1512,7 +1511,6 @@ AS43521 RECOM-OREL-AS (Recom LLC)
 AS43526 NOVIKOM-AS (Joint-Stock Commercial Bank "NOVIKOMBANK")
 AS43527 FINAMTECH-AS (Joint Stock Company Investment Company FINAM)
 AS43530 IRTELCOM-AS (Limited Liability Company Irtelcom)
-AS43544 Radist-AS (Radist LTD)
 AS43550 DSC-AS (JSC Avantel)
 AS43552 SIBNET-AS (Enterprise Medtech Ltd)
 AS43559 SOESTA-AS ("Soesta" ZAO)
@@ -1601,7 +1599,7 @@ AS44014 VMI-AS (OOO NPO VMI)
 AS44020 CLN-AS (Modern Solutions LTD)
 AS44030 OTRADNOE-AS (Lentel Business Ltd.)
 AS44035 RU-AXIOMA-AS (Nemerov Evgeniy Vladimirovish PE)
-AS44039 CHTPZ-AS (JSC "Chelyabinsk pipe-rolling factory")
+AS44039 CHTPZ-AS (PJSC "PIPE METALLURGICAL COMPANY")
 AS44041 UNICOMLAB-AS (Korporatsia Svyazy Ltd.)
 AS44046 TVERLINE-AS (TverLine Ltd.)
 AS44048 MOSOBLGAZ-AS (Mosoblgaz JSC)
@@ -1692,7 +1690,7 @@ AS44552 SCTS-NET ("Altura" ltd.)
 AS44554 IMPERCOM-AS (Impercom LLC)
 AS44555 KONEKT-AS (KONEKT Ltd.)
 AS44556 IQ-NET (DDOS-GUARD LTD)
-AS44560 MIA-AS (Ministry of Interior Affairs of Russian Federation)
+AS44560 MIA-AS (FKU "GTsSIZI Ministry of Internal Affairs of Russia")
 AS44572 PARMATEL-AS (LTD ParmaTel)
 AS44579 TNGS-FARNORTHNET (MTS PJSC)
 AS44584 PTLINE-AS (Progress Tehnologiya LLC)
@@ -1711,7 +1709,6 @@ AS44640 CACTUS-AS (Cactus Ltd.)
 AS44648 AVETEL-AS (AveTel LLC)
 AS44657 SPK-AS (JSC Steel Industrial Company)
 AS44660 UMKAST (Umkast Media LLC)
-AS44661 PETROVICH-AS (STD Petrovich LLC)
 AS44662 ARKHTELECENTR-AS (GBU Arkhangelskoi oblasti "Arkhtelecentr")
 AS44665 SOVCOMFLOT-AS (PAO Sovcomflot)
 AS44670 TVIGO (Tvigle Media LLC)
@@ -1746,7 +1743,7 @@ AS44804 EXGSPB-AS (Soft LLC)
 AS44811 AVANTEL-NIZHNEVARTOVSK-ASN (JSC Avantel)
 AS44812 IPSERVER-RU-NET (IP SERVER LLC)
 AS44816 DELFINTELECOM-AS (Delfin Telecom OOO)
-AS44834 POZITIVTELECOM-AS (Pozitiv Telecom Ltd.)
+AS44834 POZITIVTELECOM-AS (LLC "POZITIV TELEKOM")
 AS44835 PROSTOY-RU-AS (1T Ltd)
 AS44840 KRONSHTADT-AS (Kronshtadt JSC)
 AS44843 MALOCO-AS (MSS LLC.)
@@ -1879,8 +1876,8 @@ AS47528 RU-PITER-IX-VKZ (Piter-IX Co. Ltd.)
 AS47530 NVTC-AS (Novokuznetsk Telecom Ltd)
 AS47531 GorPTUs-AS (GorPTUs OOO)
 AS47533 CTIS-AS (MBU CTIS EMR)
-AS47541 VKONTAKTE-SPB-AS (VKontakte Ltd)
-AS47542 VKONTAKTE-MSK-CDN-AS (VKontakte Ltd)
+AS47541 VKONTAKTE-SPB-AS (LLC VK)
+AS47542 VKONTAKTE-MSK-CDN-AS (LLC VK)
 AS47550 NetLife-AS (Bratinov Oleg Vyacheslavovich)
 AS47551 AS-MAYAK-NETWORK ("MAYAK NETWORK" LLC)
 AS47560 KIT-MAGADAN (KIT-Magadan LLC)
@@ -2136,7 +2133,6 @@ AS48757 TRUSTINFO (TrustInfo LLC)
 AS48758 FIBRENET-AS (Fibrenet Ltd)
 AS48763 smartcenter-as (LLC "SMART CENTER")
 AS48770 ASSIST (Assist Ltd.)
-AS48780 OLTELECOM-AS (OLTELECOM JSC)
 AS48781 AVK-COM-AS (AVK-computer ltd)
 AS48788 SITRONICS (MTS PJSC)
 AS48796 COMSTAR-R-SML-AS (MTS PJSC)
@@ -2166,7 +2162,7 @@ AS48936 ECO-RESERV2-AS (Altagen JSC)
 AS48938 GUARD-INFORM-AS (Guard-Inform Ltd.)
 AS48939 BITRIVER-K-AS (Bitriver-K LLC)
 AS48940 LINK-AS (Link Ltd.)
-AS48946 KOMF (JSC Comfortel)
+AS48946 KOMF (Voxys LLC)
 AS48949 MEDIA-TV-AS (Media-TV Ltd.)
 AS48959 GARMONIYA-AS (MB Grupp LLC)
 AS48969 PARUS-TELECOM-AS (Parus-Telecom Ltd.)
@@ -2221,7 +2217,7 @@ AS49241 SCB-NET5 (PJSC Sovkombank)
 AS49246 GUM-AS (JSC TRADING HOUSE GUM)
 AS49253 BRINGO-AS (Bringo Ltd)
 AS49255 TELEGLOBAL-AS (TeleGlobal Ltd.)
-AS49261 SVS-TELECOM-AS (Lekstar Communication Ltd.)
+AS49261 SVS-TELECOM-AS (Lekstar Communication LLC)
 AS49267 SIBCOM-AS (Sibcom Ltd)
 AS49279 BEFL-AS (BEFL Ltd.)
 AS49280 Saifullin-AS (Ruslan Saifullin)
@@ -2293,7 +2289,7 @@ AS49554 SIORAS-AS (P.P.Shirshov Institute of Oceanology RAS)
 AS49557 STROYNET-AS (BuildNet Ltd)
 AS49558 LIVECOMM-AS (IT-Yaroslavl Ltd.)
 AS49568 INFORMSYAZ-AS (LLC "Convex-Kamensk")
-AS49569 ZAYMER-AS (Zaymer PJSC)
+AS49569 ZAYMER-AS (Microcredit Company Zaymer PJSC)
 AS49577 DISNET (PE Romankov Dmitry Vladimirovich)
 AS49578 FREGAT-AS (Fregat Ltd.)
 AS49583 Kom_lan_ltd-AS (Kom lan Ltd)
@@ -2503,7 +2499,6 @@ AS50587 ATB-AS (LLC "M ADVICE")
 AS50596 ITNET33 (Informatsionnye Tekhnologii LLC)
 AS50600 INET-AS (I-NET Ltd.)
 AS50608 HITECH (STIS Engineering LLC)
-AS50612 SKY-AS (Auction LLC)
 AS50615 AIKOM-RU-AS (LLC AIKOM)
 AS50619 RAZU (RAZU.MEDIA LLC)
 AS50636 RTP-Media (RTP LLC)
@@ -2608,7 +2603,7 @@ AS51054 TRANSCOM (OOO "TransKom")
 AS51067 KRAZ-AS (Sibinfosoft LLC)
 AS51070 TOKS-AS (TOKS Ltd)
 AS51071 SIBTELEKOM-AS (SibTeleCom Ltd.)
-AS51076 OBLAKA-AS (Chelombitko Elena Evgenevna)
+AS51076 OBLAKA-AS (LNTech LLC)
 AS51077 PTS-NET (Modern Technologies Ltd.)
 AS51081 TETRON-AS (LLC "TETRON")
 AS51084 IDEA-LTD-AS (Idea Ltd.)
@@ -2624,7 +2619,6 @@ AS51125 POLYANA (Limited Liability Company "Gazprom Polyana")
 AS51133 MEDIAGRAND-AS (Mediagrand Ltd.)
 AS51136 HCFBank (PJSC Sovkombank)
 AS51138 ESTEITINVEST (JSC ESTEIT INVEST)
-AS51145 LOGOSK-AS (LOGOS-K LLC)
 AS51147 ASDELTATELECOM (Ltd. Delta-Telecom)
 AS51153 INFKOM-AS ("Informational communications" LLC)
 AS51156 ONGNET-AS (OngNet Plus LLC)
@@ -2844,7 +2838,6 @@ AS52197 SITC-OREL-MNT-AS (Oblastnoe gosudarstvennoe uchrejdenie Centr Gosudarstv
 AS52201 TCTEL (OOO Suntel)
 AS52205 SILON-SU-AS (Safronov Anton Sergeevich)
 AS52207 TULA-AS (JSC "ER-Telecom Holding")
-AS52208 ETC-Com-net (Engineering-technical center-communication LLC)
 AS52217 ISKRA-AS (OOO ISKRA)
 AS52218 CHYUS-NET-AS (Cherkasov Yuriy Sergiyovuch)
 AS52222 ASMAGNITTV (Ltd Magnit-Tv)
@@ -2909,7 +2902,6 @@ AS56581 CIT-AS (GBU "Centre of Information Technologies of Amur Region")
 AS56592 TELEWEST-INET-AS (Telewest Inet Ltd.)
 AS56603 NET-AS (Aleksey Ershov)
 AS56613 PSKAS (GBU PO "CIS PO")
-AS56618 ASARCTICNET (Arctic net Ltd.)
 AS56619 KSB (Safety Integrated Systems Ltd)
 AS56621 IntexLtd-AS (Innovation Technologies Ltd)
 AS56627 ITH-AS (ITH Ltd.)
@@ -2935,7 +2927,7 @@ AS56692 THEBANKOFKAZAN (KBER Bank Kazani limited liability company)
 AS56694 SmartApe (LLC Smart Ape)
 AS56699 NCEC (GUP NAO Neneckaya kompaniya electrosvyazi)
 AS56701 AVANTA-AS (LLC "AVANTA TELECOM")
-AS56702 Chitatechenergo-AS (Chitatehenergy JSC)
+AS56702 Chitatechenergo-AS (JOINT-STOCK COMPANY "MOSCOW ENERGY COMMUNICATION NODE")
 AS56705 OSMTELECOM-AS (OSM-Telecom LLC)
 AS56707 NETCOM (OOO NETCOM)
 AS56720 FORTUNA-AS (FORTUNA Ltd)
@@ -2945,48 +2937,48 @@ AS56725 GOZNAK-AS (JSC Goznak)
 AS56741 GLORIA-JEANS-AS (JSC "Gloria-Jeans")
 AS56760 GAU-RK-CIT-AS (Autonomous state organization or The Komi Republic Centre of informational technologies)
 AS56761 MULTINEX-MIASS-AS (MTS PJSC)
-AS56763 -no-description- (No org name found)
-AS56766 -no-description- (No org name found)
-AS56768 -no-description- (No org name found)
-AS56776 -no-description- (No org name found)
-AS56777 -no-description- (No org name found)
-AS56779 -no-description- (No org name found)
-AS56785 -no-description- (No org name found)
-AS56791 -no-description- (No org name found)
-AS56793 -no-description- (No org name found)
-AS56794 -no-description- (No org name found)
-AS56806 -no-description- (No org name found)
-AS56807 -no-description- (No org name found)
-AS56810 -no-description- (No org name found)
-AS56814 -no-description- (No org name found)
-AS56820 -no-description- (No org name found)
-AS56829 -no-description- (No org name found)
-AS56830 -no-description- (No org name found)
-AS56836 -no-description- (No org name found)
-AS56842 -no-description- (No org name found)
-AS56845 -no-description- (No org name found)
-AS56846 -no-description- (No org name found)
-AS56852 -no-description- (No org name found)
-AS56853 -no-description- (No org name found)
-AS56854 -no-description- (No org name found)
-AS56857 -no-description- (No org name found)
-AS56864 -no-description- (No org name found)
-AS56866 -no-description- (No org name found)
-AS56874 -no-description- (No org name found)
-AS56875 -no-description- (No org name found)
-AS56877 -no-description- (No org name found)
-AS56879 -no-description- (No org name found)
-AS56880 -no-description- (No org name found)
-AS56881 -no-description- (No org name found)
-AS56886 -no-description- (No org name found)
-AS56888 -no-description- (No org name found)
-AS56889 -no-description- (No org name found)
-AS56893 -no-description- (No org name found)
-AS56895 -no-description- (No org name found)
-AS56903 -no-description- (No org name found)
-AS56915 -no-description- (No org name found)
-AS56917 -no-description- (No org name found)
-AS56923 -no-description- (No org name found)
+AS56763 INFOTELL-AS (Infotell UK OOO)
+AS56766 BAHILOV (Bahilov Ilya Vitalievich PE)
+AS56768 MF-AS (PJSC MegaFon)
+AS56776 DIALOGSIBERIA-AS (DialogSiberia-Barnaul Ltd)
+AS56777 NIITP (Joint Stock Company "Science research institute for precise instruments")
+AS56779 ASDRUZHBA (OOO UJK " Druzhba")
+AS56785 GUP-GK-Berlin-AS (JSC GK Berlin)
+AS56791 CT-AS (CityTelekom Ltd.)
+AS56793 EFBANK-AS (JSC Commercial Bank Evrofinance Mosnarbank)
+AS56794 NAUKANET-AS (LLC "Nauka-Svyaz")
+AS56806 ascom4s (JSC Computing Forces)
+AS56807 ASKLON (OOO UKS)
+AS56810 TOLMACHEVO-AS (Airport Tolmachevo JSC)
+AS56814 T2TELECOM-AS (M2 CONNECT LLC)
+AS56820 EVRAZHOLDING (OOO EVRAZ)
+AS56829 VNIITR-as (Institute of Television and Radio Broadcasting, Limited Liability Company)
+AS56830 ASCHITATTK (Joint Stock Company TransTeleCom)
+AS56836 ZSSK-AS (Zapadno-Sibirskaya Servisnaya Kompaniya LTD.)
+AS56842 PLATFORMA-AS (Big Data Platform LLC)
+AS56845 ASVLAZER (V-Lazer Ltd.)
+AS56846 NSC-AS (JSC National satellite company)
+AS56852 Aquaphor-AS (AQUAPHOR LLC)
+AS56853 LMN-AS (Municipal educational institution The Centre of Information Technologies)
+AS56854 Yemelyanovo-Airport (LLC "Yemelyanovo Airport")
+AS56857 DKTEL-OPRF (DK Svyaz OOO)
+AS56864 WELLSERVER-AS (Xeon LLC)
+AS56866 VSC-AS (VSK LLC)
+AS56874 ELECTROSVYAZ-AS (Electrosvyazstroy OOO)
+AS56875 SPRINT-TEL-AS (Sprint Ltd)
+AS56877 SPHAERA-AS (Sfera, JSC)
+AS56879 PETROPAVLOVSK-AS (JSC POKROVSKIY RUDNIK)
+AS56880 ASTECOM (Tecom Ltd.)
+AS56881 ASRND (Joint Stock Company "Scientific and Technical Center "Atlas")
+AS56886 RedStar-as (OOO "Red Star")
+AS56888 KRNET-AS (Krasnogorsky networks Ltd.)
+AS56889 RADIOTEKHNIKA-AS (TTC Radiotechnika LTD)
+AS56893 TELECOM_108 (108 TELECOM LLC)
+AS56895 SVIAZTELECOM-AS (Svyaztelecom ltd.)
+AS56903 INTECH-GLOBAL ("INTECH GLOBAL", LLC)
+AS56915 MALINA-AS (Malina LLC)
+AS56917 DALTECH-AS (DalTech Ltd)
+AS56923 VIRTUALFORT-AS (Virtualfort OOO)
 AS56928 -no-description- (No org name found)
 AS56930 -no-description- (No org name found)
 AS56931 -no-description- (No org name found)
@@ -3773,7 +3765,6 @@ AS64461 -no-description- (No org name found)
 AS64469 -no-description- (No org name found)
 AS64486 -no-description- (No org name found)
 AS64492 -no-description- (No org name found)
-AS64494 -no-description- (No org name found)
 AS196638 -no-description- (No org name found)
 AS196641 -no-description- (No org name found)
 AS196648 -no-description- (No org name found)
@@ -3830,7 +3821,6 @@ AS197068 -no-description- (No org name found)
 AS197070 -no-description- (No org name found)
 AS197074 -no-description- (No org name found)
 AS197078 -no-description- (No org name found)
-AS197080 -no-description- (No org name found)
 AS197097 -no-description- (No org name found)
 AS197120 -no-description- (No org name found)
 AS197129 -no-description- (No org name found)
@@ -3926,7 +3916,6 @@ AS197868 -no-description- (No org name found)
 AS197873 -no-description- (No org name found)
 AS197878 -no-description- (No org name found)
 AS197880 -no-description- (No org name found)
-AS197888 -no-description- (No org name found)
 AS197896 -no-description- (No org name found)
 AS197905 -no-description- (No org name found)
 AS197911 -no-description- (No org name found)
@@ -3953,7 +3942,6 @@ AS198070 -no-description- (No org name found)
 AS198074 -no-description- (No org name found)
 AS198076 -no-description- (No org name found)
 AS198083 -no-description- (No org name found)
-AS198086 -no-description- (No org name found)
 AS198110 -no-description- (No org name found)
 AS198117 -no-description- (No org name found)
 AS198122 -no-description- (No org name found)
@@ -4198,7 +4186,6 @@ AS200054 -no-description- (No org name found)
 AS200066 -no-description- (No org name found)
 AS200095 -no-description- (No org name found)
 AS200110 -no-description- (No org name found)
-AS200120 -no-description- (No org name found)
 AS200121 -no-description- (No org name found)
 AS200123 -no-description- (No org name found)
 AS200152 -no-description- (No org name found)
@@ -4238,9 +4225,11 @@ AS200524 -no-description- (No org name found)
 AS200551 -no-description- (No org name found)
 AS200563 -no-description- (No org name found)
 AS200575 -no-description- (No org name found)
+AS200579 -no-description- (No org name found)
 AS200593 -no-description- (No org name found)
 AS200613 -no-description- (No org name found)
 AS200619 -no-description- (No org name found)
+AS200620 -no-description- (No org name found)
 AS200622 -no-description- (No org name found)
 AS200624 -no-description- (No org name found)
 AS200627 -no-description- (No org name found)
@@ -4254,9 +4243,11 @@ AS200685 -no-description- (No org name found)
 AS200686 -no-description- (No org name found)
 AS200687 -no-description- (No org name found)
 AS200694 -no-description- (No org name found)
+AS200697 -no-description- (No org name found)
 AS200702 -no-description- (No org name found)
 AS200722 -no-description- (No org name found)
 AS200725 -no-description- (No org name found)
+AS200733 -no-description- (No org name found)
 AS200734 -no-description- (No org name found)
 AS200743 -no-description- (No org name found)
 AS200762 -no-description- (No org name found)
@@ -4266,12 +4257,17 @@ AS200803 -no-description- (No org name found)
 AS200812 -no-description- (No org name found)
 AS200838 -no-description- (No org name found)
 AS200847 -no-description- (No org name found)
+AS200897 -no-description- (No org name found)
+AS200902 -no-description- (No org name found)
+AS200907 -no-description- (No org name found)
 AS200922 -no-description- (No org name found)
 AS200926 -no-description- (No org name found)
 AS200928 -no-description- (No org name found)
 AS200935 -no-description- (No org name found)
+AS200938 -no-description- (No org name found)
 AS200945 -no-description- (No org name found)
 AS200953 -no-description- (No org name found)
+AS200954 -no-description- (No org name found)
 AS200955 -no-description- (No org name found)
 AS200976 -no-description- (No org name found)
 AS200982 -no-description- (No org name found)
@@ -4289,6 +4285,7 @@ AS201065 -no-description- (No org name found)
 AS201069 -no-description- (No org name found)
 AS201083 -no-description- (No org name found)
 AS201092 -no-description- (No org name found)
+AS201097 -no-description- (No org name found)
 AS201100 -no-description- (No org name found)
 AS201119 -no-description- (No org name found)
 AS201123 -no-description- (No org name found)
@@ -4313,6 +4310,7 @@ AS201267 -no-description- (No org name found)
 AS201268 -no-description- (No org name found)
 AS201270 -no-description- (No org name found)
 AS201275 -no-description- (No org name found)
+AS201279 -no-description- (No org name found)
 AS201282 -no-description- (No org name found)
 AS201285 -no-description- (No org name found)
 AS201294 -no-description- (No org name found)
@@ -4353,10 +4351,12 @@ AS201582 -no-description- (No org name found)
 AS201588 -no-description- (No org name found)
 AS201593 -no-description- (No org name found)
 AS201606 -no-description- (No org name found)
+AS201610 -no-description- (No org name found)
 AS201624 -no-description- (No org name found)
 AS201631 -no-description- (No org name found)
 AS201643 -no-description- (No org name found)
 AS201646 -no-description- (No org name found)
+AS201662 -no-description- (No org name found)
 AS201669 -no-description- (No org name found)
 AS201677 -no-description- (No org name found)
 AS201706 -no-description- (No org name found)
@@ -4371,6 +4371,7 @@ AS201778 -no-description- (No org name found)
 AS201781 -no-description- (No org name found)
 AS201786 -no-description- (No org name found)
 AS201788 -no-description- (No org name found)
+AS201792 -no-description- (No org name found)
 AS201794 -no-description- (No org name found)
 AS201797 -no-description- (No org name found)
 AS201800 -no-description- (No org name found)
@@ -4385,6 +4386,7 @@ AS201844 -no-description- (No org name found)
 AS201848 -no-description- (No org name found)
 AS201851 -no-description- (No org name found)
 AS201858 -no-description- (No org name found)
+AS201874 -no-description- (No org name found)
 AS201913 -no-description- (No org name found)
 AS201914 -no-description- (No org name found)
 AS201916 -no-description- (No org name found)
@@ -4395,6 +4397,7 @@ AS201956 -no-description- (No org name found)
 AS201970 -no-description- (No org name found)
 AS201972 -no-description- (No org name found)
 AS201974 -no-description- (No org name found)
+AS202000 -no-description- (No org name found)
 AS202009 -no-description- (No org name found)
 AS202011 -no-description- (No org name found)
 AS202058 -no-description- (No org name found)
@@ -4412,13 +4415,17 @@ AS202164 -no-description- (No org name found)
 AS202173 -no-description- (No org name found)
 AS202181 -no-description- (No org name found)
 AS202202 -no-description- (No org name found)
+AS202216 -no-description- (No org name found)
 AS202234 -no-description- (No org name found)
+AS202248 -no-description- (No org name found)
 AS202250 -no-description- (No org name found)
+AS202271 -no-description- (No org name found)
 AS202273 -no-description- (No org name found)
 AS202279 -no-description- (No org name found)
 AS202289 -no-description- (No org name found)
 AS202290 -no-description- (No org name found)
 AS202317 -no-description- (No org name found)
+AS202326 -no-description- (No org name found)
 AS202342 -no-description- (No org name found)
 AS202344 -no-description- (No org name found)
 AS202378 -no-description- (No org name found)
@@ -4440,6 +4447,7 @@ AS202542 -no-description- (No org name found)
 AS202570 -no-description- (No org name found)
 AS202578 -no-description- (No org name found)
 AS202594 -no-description- (No org name found)
+AS202599 -no-description- (No org name found)
 AS202611 -no-description- (No org name found)
 AS202619 -no-description- (No org name found)
 AS202629 -no-description- (No org name found)
@@ -4495,7 +4503,6 @@ AS203139 -no-description- (No org name found)
 AS203163 -no-description- (No org name found)
 AS203169 -no-description- (No org name found)
 AS203173 -no-description- (No org name found)
-AS203190 -no-description- (No org name found)
 AS203203 -no-description- (No org name found)
 AS203252 -no-description- (No org name found)
 AS203270 -no-description- (No org name found)
@@ -4746,7 +4753,6 @@ AS205858 -no-description- (No org name found)
 AS205864 -no-description- (No org name found)
 AS205865 -no-description- (No org name found)
 AS205866 -no-description- (No org name found)
-AS205901 -no-description- (No org name found)
 AS205907 -no-description- (No org name found)
 AS205922 -no-description- (No org name found)
 AS205952 -no-description- (No org name found)
@@ -4760,6 +4766,8 @@ AS206012 -no-description- (No org name found)
 AS206027 -no-description- (No org name found)
 AS206039 -no-description- (No org name found)
 AS206054 -no-description- (No org name found)
+AS206057 -no-description- (No org name found)
+AS206061 -no-description- (No org name found)
 AS206066 -no-description- (No org name found)
 AS206083 -no-description- (No org name found)
 AS206152 -no-description- (No org name found)
@@ -4794,6 +4802,7 @@ AS206435 -no-description- (No org name found)
 AS206448 -no-description- (No org name found)
 AS206465 -no-description- (No org name found)
 AS206501 -no-description- (No org name found)
+AS206503 -no-description- (No org name found)
 AS206515 -no-description- (No org name found)
 AS206536 -no-description- (No org name found)
 AS206538 -no-description- (No org name found)
@@ -4816,6 +4825,7 @@ AS206756 -no-description- (No org name found)
 AS206760 -no-description- (No org name found)
 AS206764 -no-description- (No org name found)
 AS206767 -no-description- (No org name found)
+AS206787 -no-description- (No org name found)
 AS206803 -no-description- (No org name found)
 AS206805 -no-description- (No org name found)
 AS206810 -no-description- (No org name found)
@@ -4933,7 +4943,6 @@ AS207978 -no-description- (No org name found)
 AS207979 -no-description- (No org name found)
 AS207984 -no-description- (No org name found)
 AS207986 -no-description- (No org name found)
-AS207997 -no-description- (No org name found)
 AS208003 -no-description- (No org name found)
 AS208008 -no-description- (No org name found)
 AS208044 -no-description- (No org name found)
@@ -5046,6 +5055,7 @@ AS209024 -no-description- (No org name found)
 AS209030 -no-description- (No org name found)
 AS209037 -no-description- (No org name found)
 AS209038 -no-description- (No org name found)
+AS209057 -no-description- (No org name found)
 AS209059 -no-description- (No org name found)
 AS209067 -no-description- (No org name found)
 AS209084 -no-description- (No org name found)
@@ -5059,6 +5069,7 @@ AS209165 -no-description- (No org name found)
 AS209186 -no-description- (No org name found)
 AS209188 -no-description- (No org name found)
 AS209206 -no-description- (No org name found)
+AS209207 -no-description- (No org name found)
 AS209217 -no-description- (No org name found)
 AS209219 -no-description- (No org name found)
 AS209228 -no-description- (No org name found)
@@ -5068,7 +5079,6 @@ AS209269 -no-description- (No org name found)
 AS209284 -no-description- (No org name found)
 AS209289 -no-description- (No org name found)
 AS209290 -no-description- (No org name found)
-AS209298 -no-description- (No org name found)
 AS209303 -no-description- (No org name found)
 AS209307 -no-description- (No org name found)
 AS209313 -no-description- (No org name found)
@@ -5262,13 +5272,11 @@ AS211400 -no-description- (No org name found)
 AS211404 -no-description- (No org name found)
 AS211406 -no-description- (No org name found)
 AS211446 -no-description- (No org name found)
-AS211473 -no-description- (No org name found)
 AS211486 -no-description- (No org name found)
 AS211497 -no-description- (No org name found)
 AS211503 -no-description- (No org name found)
 AS211506 -no-description- (No org name found)
 AS211508 -no-description- (No org name found)
-AS211515 -no-description- (No org name found)
 AS211517 -no-description- (No org name found)
 AS211520 -no-description- (No org name found)
 AS211529 -no-description- (No org name found)
@@ -5430,21 +5438,21 @@ AS213075 -no-description- (No org name found)
 AS213077 -no-description- (No org name found)
 AS213105 -no-description- (No org name found)
 AS213117 -no-description- (No org name found)
-AS213133 -no-description-
-AS213175 -no-description-
-AS213182 -no-description-
-AS213191 -no-description-
-AS213194 -no-description-
-AS213203 -no-description-
-AS213220 -no-description-
-AS213235 -no-description-
-AS213258 -no-description-
-AS213278 -no-description-
-AS213294 -no-description-
-AS213304 -no-description-
-AS213316 -no-description-
-AS213329 -no-description-
-AS213334 -no-description-
+AS213133 -no-description- (No org name found)
+AS213175 -no-description- (No org name found)
+AS213182 -no-description- (No org name found)
+AS213191 -no-description- (No org name found)
+AS213194 -no-description- (No org name found)
+AS213203 -no-description- (No org name found)
+AS213220 -no-description- (No org name found)
+AS213235 -no-description- (No org name found)
+AS213258 -no-description- (No org name found)
+AS213278 -no-description- (No org name found)
+AS213294 -no-description- (No org name found)
+AS213304 -no-description- (No org name found)
+AS213316 -no-description- (No org name found)
+AS213329 -no-description- (No org name found)
+AS213334 -no-description- (No org name found)
 AS213348 -no-description-
 AS213369 -no-description-
 AS213381 -no-description-
@@ -5462,7 +5470,6 @@ AS213498 -no-description-
 AS213499 -no-description-
 AS213501 -no-description-
 AS213503 -no-description-
-AS213505 -no-description-
 AS213506 -no-description-
 AS213508 -no-description-
 AS213523 -no-description-
@@ -5501,13 +5508,13 @@ AS213875 -no-description-
 AS213883 -no-description-
 AS213890 -no-description-
 AS213917 -no-description-
+AS213922 -no-description-
 AS213926 -no-description-
 AS213933 -no-description-
 AS213937 -no-description-
 AS213952 -no-description-
 AS213961 -no-description-
 AS213995 -no-description-
-AS214009 -no-description-
 AS214031 -no-description-
 AS214048 -no-description-
 AS214051 -no-description-
@@ -5573,7 +5580,6 @@ AS214767 -no-description-
 AS214780 -no-description-
 AS214787 -no-description-
 AS214793 -no-description-
-AS214804 -no-description-
 AS214816 -no-description-
 AS214817 -no-description-
 AS214822 -no-description-
@@ -5602,6 +5608,7 @@ AS215077 -no-description-
 AS215092 -no-description-
 AS215096 -no-description-
 AS215098 -no-description-
+AS215103 -no-description-
 AS215106 -no-description-
 AS215109 -no-description-
 AS215115 -no-description-
@@ -5656,6 +5663,7 @@ AS215678 -no-description-
 AS215688 -no-description-
 AS215705 -no-description-
 AS215721 -no-description-
+AS215751 -no-description-
 AS215796 -no-description-
 AS215805 -no-description-
 AS215809 -no-description-

auto/all-ru-ipv6.txt

@@ -53,6 +53,7 @@
 2001:678:85c::/48 GIVC (Main Center of Information and Computing Ministry of culture of Russian Federation)
 2001:678:8f0::/48 RU-PDV (Podolskii Dmitrii Vladimirovich)
 2001:678:8fc::/48 RU-ROSNIIROS-20190111 (JSC Goznak)
+2001:678:978::/48 PrivateNet (Yanislav Basiuk)
 2001:678:99c::/48 CZ-VISSADO-20190515 (Mediasvyaz Ltd.)
 2001:678:9c4::/48 BCC (JSC Business-center Capital)
 2001:678:9d0::/48 RU-RETNNET-20190621 (LLC Zenit-Arena)
@@ -61,6 +62,7 @@
 2001:678:a60::/48 RU-ONGNETPLUS-20190411 (OngNet Plus LLC)
 2001:678:a70::/48 CZ-VISSADO-20190425 (VostokMediaSvyaz Ltd.)
 2001:678:ab0::/48 PlanetaTelekom (Kurochkin Evgeniy Anatolievich)
+2001:678:ac0::/48 CH-SECUREBIT-20260106 (Artur Zagidullin)
 2001:678:b3c::/48 RU-DSP-20191017 (INVITRO-Information technology LLC)
 2001:678:b40::/48 ORG-ITOA1-RIPE (Tsyapa Oleg Anatolyevich)
 2001:678:b48::/48 LEMANAPRO-NET (Le Monlid LLC)
@@ -84,7 +86,6 @@
 2001:678:e2c::/48 DWDM-RU-V6-NET (DWDM.RU llc)
 2001:678:e30::/48 virtaldc-ipv6-backbone (Dmitrii Vladimirovich Malkov)
 2001:678:e84::/48 RU-MSP2018-20201023 (VIP-TELECOM LLC)
-2001:678:ee4::/48 IP-Petrosyan-Maksim-Markslenovicht (IP Petrosyan Maksim Markslenovich)
 2001:678:ee8::/48 TRC-BRT-IPV6 (Teleradiocompany Bytradiotehnika Ltd.)
 2001:678:eec::/48 NPI-TU (Federal State Budgetary Educational Institution of Higher Education "M.I.Platov South-Russian State Polytechnic University (NPI)")
 2001:678:f38::/48 RU-RETNNET-20210504 (Traffic Ltd)
@@ -93,7 +94,7 @@
 2001:678:1024::/48 SIRENATRAVEL-NETv6 (Sirena Travel AO)
 2001:678:1034::/48 RU-ELKOMA (Elkoma LLC)
 2001:678:1058::/48 CZ-VISSADO-20250305 (GP Internet Ltd.)
-2001:67c:20::/48 ABSOLYT-NET (Limited liability company Absolyt)
+2001:67c:20::/48 ABSOLYT-NET (Limited liability company Absolut)
 2001:67c:84::/48 MANNET-6NET (MAN net Ltd.)
 2001:67c:e8::/48 RU-NEMEROV (Nemerov Evgeniy Vladimirovish PE)
 2001:67c:100::/48 RU-DINET-20210819 (Limited Liability Company "R-Business Svyaz")
@@ -115,6 +116,7 @@
 2001:67c:5c4::/48 MBITCITY-NET (Mbit City Ltd.)
 2001:67c:614::/48 RU-INDATA-20160728 (FOUNDATION FOR DEVELOPMENT OF NETWORKING TECHNOLOGIES "INDATA")
 2001:67c:62c::/48 PRK-V6NET (JSC Trading house Perekriostok)
+2001:67c:650::/48 RU-HYPERNET-20260210 (JSC ALIAS)
 2001:67c:664::/48 BALTSOYA-AS (CJSC Sodruzhestvo Soya)
 2001:67c:698::/48 AIRKHV (JSC "Khabarovsky airport")
 2001:67c:6a0::/48 RSCC (Federal State Unitary Enterprise "Russian Satellite Communication Company")
@@ -135,6 +137,7 @@
 2001:67c:948::/48 RU-OPTIBIT-20220218 (Mobilon Telecommunications LLC)
 2001:67c:95c::/48 RU-RTK-20220223 (JSC COMMERCIAL BANK "KHLYNOV")
 2001:67c:a5c::/48 RU-GSYSTEM-20220810 (LLC OZON BANK)
+2001:67c:a80::/48 Foton-net (Foton Company Ltd)
 2001:67c:ac4::/48 RU-SITENET-20220928 (Ministry of Finance of the Sakhalin region)
 2001:67c:b00::/48 VMI-NET6 (OOO NPO VMI)
 2001:67c:b18::/48 LITE-HOST (Rusachenko Evgenii Sergeevich)
@@ -157,7 +160,7 @@
 2001:67c:f64::/48 AB-GAGRATEL (Gagra Telecom LLC)
 2001:67c:f88::/48 RU-SIGNALTELECOM (Signal-Telecom LLC)
 2001:67c:f98::/48 CZ-VISSADO-20241119 (Tecom Ltd.)
-2001:67c:fa0::/48 SVYAZ6-NET (Svyaz JSC)
+2001:67c:fa0::/48 SVYAZ6-NET (Svyaz Ltd)
 2001:67c:fb0::/48 FAITID-NETWORK (Foundation for Assistance for Internet Technologies and Infrastructure Development)
 2001:67c:fb4::/48 RU-KIPREY (Kiprey JSC)
 2001:67c:fcc::/48 RU-SERGIENKO-20241220 (KAMETA LLC)
@@ -282,7 +285,7 @@
 2001:67c:2e98::/48 RU-RTK-20151005 (FGBOU VO Saratov State Medical University named after V.I.Razumovsky)
 2001:67c:2e9c::/48 SANTEKHKOMPLEKT (LTD Santekhkomplekt)
 2001:67c:2ec8::/48 RU-RTK-20151021 (RusAccreditation. Federal Service for accreditation)
-2001:67c:2ee0::/48 VIKSCOM-IPV6-NET (Vikscom Ltd.)
+2001:67c:2ee0::/48 VIKS-NET (Vikscom Ltd.)
 2001:67c:2f90::/48 SOFTBUILD (SOFTBUILD LLC)
 2001:67c:2fd4::/48 ORG-IO52-RIPE (IPSvyaz OOO)
 2001:6d0::/32 RU-MSK-IX-20010219 (Join-stock company "Internet Exchange"MSK-IX")
@@ -302,7 +305,7 @@
 2001:7f8:a7::/48 BAIKAL-IX-NET-v6 (LLC Zero Kilometer)
 2001:7f8:ac::/48 RU-OPTIBIT-20160922 (Optibit LLC)
 2001:7f8:c8::/48 RU-DREAMNET-20180514 (Weacom Ltd)
-2001:7f8:c9::/48 RU-CHTE-20180525 (Chitatehenergy JSC)
+2001:7f8:c9::/48 RU-CHTE-20180525 (JOINT-STOCK COMPANY "MOSCOW ENERGY COMMUNICATION NODE")
 2001:7f8:e6::/48 RU-PITER-IX-SPB (Piter-IX Co. Ltd.)
 2001:7f8:eb::/48 RU-PITER-IX-MSK (Piter-IX Co. Ltd.)
 2001:7f8:ee::/48 RU-LINXDATACENTER-20200218 (Svyaz VSD LLC)
@@ -326,7 +329,7 @@
 2a00:eba::/31 RU-STACK-20100219 (StackNet Service, LLC)
 2a00:ebc::/30 RU-STACK-20100219 (StackNet Service, LLC)
 2a00:f00::/29 RU-MTU-20081124 (MTS PJSC)
-2a00:f08::/32 RU-WILAND-20081124 (Wiland Ltd)
+2a00:f08::/32 RU-TRUNKMOBILE-20081124 (TrunkMobile JSC)
 2a00:f30::/32 RU-QUANTUM-20081127 (Quantum CJSC)
 2a00:1020::/32 RU-SEVEREN-20090619 (JSC "Severen-Telecom")
 2a00:1078::/32 RU-STROYTECHSERVICE-20090630 (Stroytechservice LLC)
@@ -475,7 +478,7 @@
 2a00:b940::/32 RU-IGRA-SERVICE-20150520 (Igra-Service LLC)
 2a00:bcc0::/32 RU-ELIT-TV-20160601 (Viter Evgeniy Vasilevich)
 2a00:bd40::/32 RU-INEWS-20120314 (INEWS LLC)
-2a00:bdc0::/29 RU-VKONTAKTE-20120314 (VKontakte Ltd)
+2a00:bdc0::/29 RU-VKONTAKTE-20120314 (LLC VK)
 2a00:be00::/29 RU-MASTERTEL-20110125 (JSC Mastertel)
 2a00:be20::/32 RU-VERMONT-IT-20130725 (Vermont-IT Limited Liability Company)
 2a00:bf00::/32 RU-CT-C-20110217 ("Computational technologies - consulting" LLC)
@@ -845,7 +848,7 @@
 2a03:58c0::/32 RU-KAMENSKTEL-20121113 (Closed Joint Stock Company Radiotelephone)
 2a03:5a00::/29 RU-LEADERTELECOM-20110204 (LeaderTelecom Ltd.)
 2a03:5a60::/32 RU-LINENEW-20141125 (Limited liability company "New Line")
-2a03:5a80::/32 RU-WILAND-20110915 (Wiland Ltd)
+2a03:5a80::/32 RU-TRUNKMOBILE-20110915 (TrunkMobile JSC)
 2a03:5b80::/32 RU-TRANSTELECOM-20140616 (Joint Stock Company TransTeleCom)
 2a03:5c80::/32 RU-TELEMAKS-20110915 (TeleMaks Ltd)
 2a03:5ca0::/32 RU-GTSS-20141128 (GeoTelecommunications LLC)
@@ -1441,7 +1444,7 @@
 2a0b:9000::/29 RU-AU-20190621 (Auction LLC)
 2a0b:9080::/29 RU-MGNHOST-NET-20220128 (Tyurin Viktor Mihaylovich)
 2a0b:9480::/29 RU-TELECOM-20181002 (Telenet LLC)
-2a0b:97c0::/29 RU-CHTE-20170725 (Chitatehenergy JSC)
+2a0b:97c0::/29 RU-EESNET-20170725 (JOINT-STOCK COMPANY "MOSCOW ENERGY COMMUNICATION NODE")
 2a0b:9a00::/29 RU-FIRSTDC-20200428 (Perviy TSOD LLC)
 2a0b:9c40::/29 RU-FILI-TELECOM-20170725 (FILI-Telecom LLC)
 2a0b:9fc0::/29 RU-RAID-20170726 (JSC "ER-Telecom Holding")
@@ -1494,6 +1497,7 @@
 2a0c:5640::/29 RU-INTELLIN-20180412 (JSC Intellin)
 2a0c:5ec0::/29 RU-SERVICE-IT-20180416 (LLC IT-service)
 2a0c:6680::/29 RU-KLEYNKOM4-20180105 (Kleynkom LLC)
+2a0c:68c0::/29 RU-WS1-20260130 ("Wireless systems" LLC)
 2a0c:6900::/29 RU-LEK-20171113 (Alliance LLC)
 2a0c:6c00::/29 RU-VDS-TELECOM-20230504 (VDS-TELECOM LLC)
 2a0c:6d00::/32 RU-SPACE-20171113 (Federal State Budgetary Institution of Science "Space Research Institute of the Russian Academy of Sciences".)
@@ -1570,6 +1574,7 @@
 2a0d:6d40::/29 RU-REGLAND-20240220 (Regland ltd)
 2a0d:70c0::/29 RU-AT-20180914 (Apple Technologies LLC)
 2a0d:7480::/29 RU-SETII-20180214 (Nets and Services JCS)
+2a0d:7680::/32 RU-IAKHONTOV-20260203 (Iaroslav Iakhontov)
 2a0d:7740::/29 RU-VPSVILLE1-20180917 (LLC Vpsville)
 2a0d:7840::/29 RU-MAINACC-20180918 (Ivan Bulavkin)
 2a0d:80c0::/29 RU-RSVOSPB-20180919 (JSC Russian Broadcasting and Notification Networks)
@@ -1809,7 +1814,7 @@
 2a10:4f80::/29 RU-FIRSTDC-20200421 (Perviy TSOD LLC)
 2a10:5080::/29 RU-FIRSTDC-20200421 (Perviy TSOD LLC)
 2a10:5180::/29 RU-FIRSTDC-20200421 (Perviy TSOD LLC)
-2a10:5cc0::/29 RU-MAI-20200904 (Federal State Budgetary Educational Institution of Higher Education Moscow Aviation Institute (National Research University))
+2a10:5cc0::/29 RU-MAI-20200904 (Federal State Autonomous Educational Institution of Higher Education "Moscow Aviation Institute (National Research University)")
 2a10:61c0::/29 RU-DATAFORT-20200909 (DataFort LLC)
 2a10:62c0::/29 RU-OKKO-20200911 (OKKO LLC)
 2a10:6a40::/29 RU-IITRUST-20200918 (InfoTeCS Internet Trust JSC)
@@ -1835,7 +1840,9 @@
 2a10:9bc0::/29 RU-FIRSTDC-20210225 (Perviy TSOD LLC)
 2a10:9c40::/29 RU-FIRSTDC-20210225 (Perviy TSOD LLC)
 2a10:9cc0::/29 RU-FIRSTDC-20210225 (Perviy TSOD LLC)
+2a10:a680::/29 RU-INTECH-20260213 (INTEX ltd.)
 2a10:aa80::/29 RU-NUBES-20201217 (NUBES llc)
+2a10:ab80::/29 RU-PREFIXLABS-20260216 (Denis Aleksandrovich Iakovlev)
 2a10:ad00::/29 RU-FIRSTDC-20201117 (Perviy TSOD LLC)
 2a10:ad80::/29 RU-IVC-20201218 (Information & Computing Center, Ltd.)
 2a10:af00::/29 RU-FIRSTDC-20201117 (Perviy TSOD LLC)
@@ -1852,6 +1859,7 @@
 2a10:cfc0::/29 RU-TALENTSUCCESS-20210408 (Educational Fund "Talent and success")
 2a10:d240::/29 RU-MAINACC-20210412 (Ivan Bulavkin)
 2a10:d5c0::/29 RU-MAINACC-20210414 (Ivan Bulavkin)
+2a10:d740::/29 RU-KVANTA-20260216 (KVANTA LLC)
 2a10:d8c0::/29 RU-VPSVILLE1-20210416 (LLC Vpsville)
 2a10:df00::/29 RU-RVISION-20201124 (RVISION Ltd.)
 2a10:e040::/29 RU-MAINACC-20210421 (Ivan Bulavkin)
@@ -1861,6 +1869,7 @@
 2a10:f640::/29 RU-ACTIVEBC-20210506 (ActiveBusinessConsult LLC)
 2a10:fa00::/29 RU-EVROKONTAKTVN-20201109 (EUROCONTACT VELIKY NOVGOROD LLC)
 2a11:200::/29 RU-VPSVILLE1-20210511 (LLC Vpsville)
+2a11:300::/29 RU-TUNDRA-TC-20260216 (LLC "TUNDRA TELECOM")
 2a11:640::/29 RU-TELECOM-20210701 (Telenet LLC)
 2a11:680::/29 RU-VPSVILLE1-20210514 (LLC Vpsville)
 2a11:700::/29 RU-CTEL-20210512 (LLC Tatarstan-On-Line)
@@ -1950,7 +1959,7 @@
 2a11:85c0::/29 RU-LOCAL-20211007 (LIR LLC)
 2a11:8600::/29 RU-NICOS-20210720 (LLC Company NICOS)
 2a11:8780::/29 RU-MESHNET-20210824 (Vladimir Dmitriev)
-2a11:87c0::/29 RU-TELEGA-20251124 (JOINT STOCK COMPANY "DAL")
+2a11:87c0::/29 RU-TELEGA-20251124 (JOINT STOCK COMPANY "TELEGA")
 2a11:8940::/29 RU-AU-20211007 (Auction LLC)
 2a11:8f80::/29 RU-LOCAL-20210825 (LIR LLC)
 2a11:91c0::/29 RU-IPMAGNAT-20211008 (Mikhail Tonkonog)

blacklists/blacklist-v6.txt

@@ -1,25 +0,0 @@
-2a00:1148::/29
-2a00:1148::/32
-2a00:46e0:2::/48
-2a00:46e0::/32
-2a00:a300::/32
-2a00:b4c0::/32
-2a00:bdc0:8000::/34
-2a00:bdc0::/33
-2a00:bdc0:c000::/35
-2a00:bdc0:e002::/48
-2a00:bdc0:e003::/48
-2a00:bdc0:e004::/48
-2a00:bdc0:e005::/48
-2a00:bdc0:e007::/48
-2a00:bdc0:f000::/36
-2a00:bdc1::/32
-2a00:bdc2::/31
-2a00:bdc4::/30
-2a0c:a9c7:156::/48
-2a0c:a9c7:157::/48
-2a0c:a9c7:158::/48
-2a14:25c0::/32
-2a14:25c5::/32
-2a14:25c6::/32
-2a14:25c7::/32

blacklists_iptables/README.md

@@ -1,109 +0,0 @@
-# IPTables/IPSet Blacklist Configurations
-
-Auto-generated ipset configuration files for blocking networks and IP addresses with iptables/ip6tables.
-
-## Available Files
-
-### IPv4 Only
-
-- **`blacklist-v4.ipset`** - Contains only IPv4 networks (806 entries)
-
-### IPv6 Only
-
-- **`blacklist-v6.ipset`** - Contains only IPv6 networks (3 entries)
-
-### Mixed IPv4/IPv6
-
-- **`blacklist.ipset`** - Contains both IPv4 and IPv6 sets (809 total entries)
-
-## Usage
-
-### 1. Load the IPSet
-
-```bash
-# For IPv4 only
-ipset restore < blacklist-v4.ipset
-
-# For IPv6 only
-ipset restore < blacklist-v6.ipset
-
-# For both IPv4 and IPv6 (loads both sets)
-ipset restore < blacklist.ipset
-```
-
-### 2. Apply IPTables Rules
-
-```bash
-# For IPv4
-iptables -I INPUT -m set --match-set blacklist-v4 src -j DROP
-iptables -I FORWARD -m set --match-set blacklist-v4 src -j DROP
-
-# For IPv6
-ip6tables -I INPUT -m set --match-set blacklist-v6 src -j DROP
-ip6tables -I FORWARD -m set --match-set blacklist-v6 src -j DROP
-```
-
-### 3. Persist Rules (Optional)
-
-To make the rules persistent across reboots:
-
-**On Debian/Ubuntu:**
-
-```bash
-# Save iptables rules
-iptables-save > /etc/iptables/rules.v4
-ip6tables-save > /etc/iptables/rules.v6
-
-# Save ipset
-ipset save > /etc/ipset.conf
-```
-
-**On RHEL/CentOS:**
-
-```bash
-# Save iptables rules
-service iptables save
-service ip6tables save
-
-# Save ipset
-ipset save > /etc/sysconfig/ipset
-```
-
-### 4. Update Existing Sets
-
-To update the blacklist without restarting iptables:
-
-```bash
-# Flush and reload
-ipset flush blacklist-v4
-ipset restore < blacklist-v4.ipset
-```
-
-### 5. Remove Sets
-
-```bash
-# Remove IPv4 set
-ipset flush blacklist-v4
-ipset destroy blacklist-v4
-
-# Remove IPv6 set
-ipset flush blacklist-v6
-ipset destroy blacklist-v6
-```
-
-## Performance Benefits
-
-IPSet uses hash tables for O(1) lookup performance, making it ideal for large blacklists:
-
-- Much faster than individual iptables rules
-- Minimal CPU overhead
-- Supports up to 65536 entries per set (configurable)
-- Kernel-level implementation for maximum efficiency
-
-## Automatic Updates
-
-These files are automatically regenerated when the blacklists are updated via the GitHub Actions workflow.
-
-## Source
-
-Generated from the blacklist files in the `blacklists/` directory.

blacklists_iptables/blacklist-v6.ipset

@@ -1,43 +0,0 @@
-# IPSet blacklist configuration (IPv6 only)
-# Auto-generated from blacklist-v6.txt
-# Last updated: 2026-01-01 06:24:55 UTC
-#
-# Usage:
-#   1. Load the ipset:
-#      ipset restore < blacklist-v6.ipset
-#
-#   2. Use with iptables/ip6tables:
-#      iptables -I INPUT -m set --match-set blacklist-v6 src -m conntrack --ctstate NEW -j DROP
-#      iptables -I FORWARD -m set --match-set blacklist-v6 src -m conntrack --ctstate NEW -j DROP
-#
-#   3. To flush/delete the set:
-#      ipset flush blacklist-v6
-#      ipset destroy blacklist-v6
-#
-
-create blacklist-v6 hash:net family inet6 hashsize 1024 maxelem 50
-add blacklist-v6 2a00:1148::/29
-add blacklist-v6 2a00:1148::/32
-add blacklist-v6 2a00:46e0:2::/48
-add blacklist-v6 2a00:46e0::/32
-add blacklist-v6 2a00:a300::/32
-add blacklist-v6 2a00:b4c0::/32
-add blacklist-v6 2a00:bdc0:8000::/34
-add blacklist-v6 2a00:bdc0::/33
-add blacklist-v6 2a00:bdc0:c000::/35
-add blacklist-v6 2a00:bdc0:e002::/48
-add blacklist-v6 2a00:bdc0:e003::/48
-add blacklist-v6 2a00:bdc0:e004::/48
-add blacklist-v6 2a00:bdc0:e005::/48
-add blacklist-v6 2a00:bdc0:e007::/48
-add blacklist-v6 2a00:bdc0:f000::/36
-add blacklist-v6 2a00:bdc1::/32
-add blacklist-v6 2a00:bdc2::/31
-add blacklist-v6 2a00:bdc4::/30
-add blacklist-v6 2a0c:a9c7:156::/48
-add blacklist-v6 2a0c:a9c7:157::/48
-add blacklist-v6 2a0c:a9c7:158::/48
-add blacklist-v6 2a14:25c0::/32
-add blacklist-v6 2a14:25c5::/32
-add blacklist-v6 2a14:25c6::/32
-add blacklist-v6 2a14:25c7::/32

blacklists_nginx/README.md

@@ -1,302 +0,0 @@
-# Nginx Blacklist Configurations
-
-Auto-generated nginx configuration files for blocking networks and IP addresses.
-
-## Available Files
-
-### Mixed IPv4/IPv6
-
-- **`blacklist.conf`** - Contains both IPv4 and IPv6 deny rules (809 entries)
-
-### IPv4 Only
-
-- **`blacklist-v4.conf`** - Contains only IPv4 deny rules (806 entries)
-
-### IPv6 Only
-
-- **`blacklist-v6.conf`** - Contains only IPv6 deny rules (3 entries)
-
-## Usage
-
-### Basic Usage
-
-Include the desired configuration file in your nginx `server` or `location` block:
-
-```nginx
-server {
-    listen 80;
-    server_name example.com;
-
-    # Include the blacklist
-    include /path/to/blacklist.conf;
-
-    location / {
-        # your configuration
-    }
-}
-```
-
-### Separate IPv4/IPv6 Files
-
-For more granular control, use separate files:
-
-```nginx
-server {
-    listen 80;
-    listen [::]:80;
-    server_name example.com;
-
-    # Include both IPv4 and IPv6 blacklists
-    include /path/to/blacklist-v4.conf;
-    include /path/to/blacklist-v6.conf;
-
-    location / {
-        # your configuration
-    }
-}
-```
-
-### HTTP Block Level
-
-Apply the blacklist globally to all virtual hosts:
-
-```nginx
-http {
-    # Apply blacklist globally
-    include /path/to/blacklist.conf;
-
-    server {
-        listen 80;
-        server_name example.com;
-        # ...
-    }
-
-    server {
-        listen 80;
-        server_name another.com;
-        # ...
-    }
-}
-```
-
-### Location Block Level
-
-For selective blocking within specific locations:
-
-```nginx
-server {
-    listen 80;
-    server_name example.com;
-
-    location /admin {
-        # Apply blacklist only to admin area
-        include /path/to/blacklist.conf;
-        # ...
-    }
-
-    location /public {
-        # Public area without blacklist
-        # ...
-    }
-}
-```
-
-## Testing Configuration
-
-After adding the blacklist, always test your nginx configuration:
-
-```bash
-# Test configuration
-nginx -t
-
-# Reload nginx if test passes
-nginx -s reload
-# or
-systemctl reload nginx
-```
-
-## Custom Response
-
-By default, denied IPs receive a connection drop. To customize the response:
-
-```nginx
-server {
-    listen 80;
-    server_name example.com;
-
-    # Return custom error page
-    error_page 403 /403.html;
-
-    include /path/to/blacklist.conf;
-
-    location = /403.html {
-        root /usr/share/nginx/html;
-        internal;
-    }
-}
-```
-
-Note: For large blacklists, using `deny` directives (as in these files) is more efficient than `if` statements.
-
-## Performance Considerations
-
-- **Deny directives** are processed in order and stop at the first match
-- For optimal performance, most frequently matched IPs should be at the top
-- Current files are sorted for consistency
-- Nginx handles hundreds of deny rules efficiently
-- For very large blacklists (10,000+ entries), consider using:
-  - Nginx GeoIP2 module for geographic blocking
-  - nftables/iptables at the firewall level for better performance
-  - Stream module for TCP/UDP level blocking
-
-## Integration Examples
-
-### Docker Deployment
-
-```dockerfile
-FROM nginx:alpine
-
-# Copy blacklist
-COPY blacklist.conf /etc/nginx/blacklist.conf
-
-# Copy nginx config that includes the blacklist
-COPY nginx.conf /etc/nginx/nginx.conf
-
-EXPOSE 80 443
-CMD ["nginx", "-g", "daemon off;"]
-```
-
-### Kubernetes ConfigMap
-
-```yaml
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: nginx-blacklist
-data:
-  blacklist.conf: |
-    # Include blacklist content here
-    deny 109.124.119.88/29;
-    deny 109.124.66.128/30;
-    # ...
-```
-
-### Automated Updates
-
-Set up a cron job to automatically fetch the latest blacklist:
-
-```bash
-#!/bin/bash
-# /etc/cron.daily/update-nginx-blacklist
-
-# Download latest blacklist
-wget -q https://raw.githubusercontent.com/C24Be/AS_Network_List/main/blacklists_nginx/blacklist.conf \
-  -O /etc/nginx/blacklist.conf.new
-
-# Test nginx configuration
-nginx -t -c /etc/nginx/nginx.conf
-
-# If test passes, reload nginx
-if [ $? -eq 0 ]; then
-    mv /etc/nginx/blacklist.conf.new /etc/nginx/blacklist.conf
-    systemctl reload nginx
-    echo "Blacklist updated successfully"
-else
-    rm /etc/nginx/blacklist.conf.new
-    echo "Nginx config test failed, blacklist not updated"
-fi
-```
-
-## Logging Blocked Requests
-
-To log denied requests:
-
-```nginx
-server {
-    listen 80;
-    server_name example.com;
-
-    # Custom log format for denied IPs
-    log_format blocked '$remote_addr - $remote_user [$time_local] '
-                      '"$request" 403 0 '
-                      '"$http_referer" "$http_user_agent"';
-
-    access_log /var/log/nginx/blocked.log blocked;
-
-    include /path/to/blacklist.conf;
-
-    location / {
-        # your configuration
-    }
-}
-```
-
-## Monitoring
-
-Check how many IPs are being blocked:
-
-```bash
-# Count deny rules
-grep -c "deny" /path/to/blacklist.conf
-
-# Check blocked access logs
-tail -f /var/log/nginx/blocked.log
-
-# Count blocked requests today
-grep "$(date +%d/%b/%Y)" /var/log/nginx/access.log | grep " 403 " | wc -l
-```
-
-## Troubleshooting
-
-### Configuration Test Fails
-
-```bash
-# Check syntax
-nginx -t
-
-# Check for duplicate includes
-grep -r "include.*blacklist" /etc/nginx/
-
-# Verify file permissions
-ls -l /path/to/blacklist.conf
-```
-
-### Legitimate Users Blocked
-
-Check if their IP is in the blacklist:
-
-```bash
-grep "YOUR_IP" /path/to/blacklist.conf
-```
-
-Whitelist specific IPs before applying the blacklist:
-
-```nginx
-server {
-    listen 80;
-    server_name example.com;
-
-    # Whitelist before blacklist
-    allow 192.168.1.100;  # Trusted IP
-
-    # Then apply blacklist
-    include /path/to/blacklist.conf;
-
-    # Deny all others not explicitly allowed
-    # deny all;  # Optional
-}
-```
-
-## Automatic Updates
-
-These files are automatically regenerated daily when the blacklists are updated via the GitHub Actions workflow.
-
-## Source
-
-Generated from the blacklist files in the `blacklists/` directory by `blacklists_updater_nginx.sh`.
-
-## See Also
-
-- [IPTables/IPSet Format](../blacklists_iptables/README.md) - For firewall-level blocking
-- [Text Format](../blacklists/README.md) - For custom integrations
-- [Main Repository](https://github.com/C24Be/AS_Network_List) - Complete documentation

blacklists_nginx/blacklist-v6.conf

@@ -1,34 +0,0 @@
-# Nginx blacklist configuration (IPv6 only)
-# Auto-generated from blacklist-v6.txt
-# Last updated: 2026-01-01 06:24:55 UTC
-#
-# Usage: Include this file in your nginx server or location block:
-#   include /path/to/blacklist-v6.conf;
-#
-
-deny 2a00:1148::/29;
-deny 2a00:1148::/32;
-deny 2a00:46e0:2::/48;
-deny 2a00:46e0::/32;
-deny 2a00:a300::/32;
-deny 2a00:b4c0::/32;
-deny 2a00:bdc0:8000::/34;
-deny 2a00:bdc0::/33;
-deny 2a00:bdc0:c000::/35;
-deny 2a00:bdc0:e002::/48;
-deny 2a00:bdc0:e003::/48;
-deny 2a00:bdc0:e004::/48;
-deny 2a00:bdc0:e005::/48;
-deny 2a00:bdc0:e007::/48;
-deny 2a00:bdc0:f000::/36;
-deny 2a00:bdc1::/32;
-deny 2a00:bdc2::/31;
-deny 2a00:bdc4::/30;
-deny 2a0c:a9c7:156::/48;
-deny 2a0c:a9c7:157::/48;
-deny 2a0c:a9c7:158::/48;
-deny 2a14:25c0::/32;
-deny 2a14:25c5::/32;
-deny 2a14:25c6::/32;
-deny 2a14:25c7::/32;
-

blacklists_updater_iptables.sh

@@ -1,19 +1,46 @@
 #!/bin/sh
 
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+
 # Input files (generated by blacklists_updater_txt.sh)
-blacklist_file="blacklists/blacklist.txt"
-blacklist_v4_file="blacklists/blacklist-v4.txt"
-blacklist_v6_file="blacklists/blacklist-v6.txt"
+blacklist_file="${SCRIPT_DIR}/blacklists/blacklist.txt"
+blacklist_v4_file="${SCRIPT_DIR}/blacklists/blacklist-v4.txt"
+blacklist_v6_file="${SCRIPT_DIR}/blacklists/blacklist-v6.txt"
+
+# Source files for name-based VK filtering
+auto_all_v4_file="${SCRIPT_DIR}/auto/all-ru-ipv4.txt"
+auto_all_v6_file="${SCRIPT_DIR}/auto/all-ru-ipv6.txt"
+auto_ripe_v4_file="${SCRIPT_DIR}/auto/ripe-ru-ipv4.txt"
+vk_name_pattern='VK[[:space:]-]*CLOUD|VKCOMPANY|VKONTAKTE'
+
+# Additional VK-only text blacklists
+blacklist_vk_file="${SCRIPT_DIR}/blacklists/blacklist-vk.txt"
+blacklist_vk_v4_file="${SCRIPT_DIR}/blacklists/blacklist-vk-v4.txt"
+blacklist_vk_v6_file="${SCRIPT_DIR}/blacklists/blacklist-vk-v6.txt"
 
 # Output directory and files
-iptables_output_dir="blacklists_iptables"
+iptables_output_dir="${SCRIPT_DIR}/blacklists_iptables"
 iptables_output_file="${iptables_output_dir}/blacklist.ipset"
 iptables_v4_output_file="${iptables_output_dir}/blacklist-v4.ipset"
 iptables_v6_output_file="${iptables_output_dir}/blacklist-v6.ipset"
+iptables_vk_output_file="${iptables_output_dir}/blacklist-vk.ipset"
+iptables_vk_v4_output_file="${iptables_output_dir}/blacklist-vk-v4.ipset"
+iptables_vk_v6_output_file="${iptables_output_dir}/blacklist-vk-v6.ipset"
 
 # Create iptables directory if it doesn't exist
 mkdir -p "${iptables_output_dir}"
 
+# Build additional VK-only blacklist from network names in auto/*.txt files
+tmp_vk_file="$(mktemp "${SCRIPT_DIR}/blacklists/.blacklist-vk.XXXXXX")"
+for source_file in "${auto_all_v4_file}" "${auto_all_v6_file}" "${auto_ripe_v4_file}"; do
+    [ -f "${source_file}" ] || continue
+    awk -v pattern="${vk_name_pattern}" 'BEGIN { IGNORECASE = 1 } $0 ~ pattern { print $1 }' "${source_file}" >> "${tmp_vk_file}"
+done
+sort -u "${tmp_vk_file}" > "${blacklist_vk_file}"
+grep ':' "${blacklist_vk_file}" | sort -u > "${blacklist_vk_v6_file}" || true
+grep -v ':' "${blacklist_vk_file}" | sort -u > "${blacklist_vk_v4_file}" || true
+rm -f "${tmp_vk_file}"
+
 # Function to generate ipset config from input file
 generate_ipset_config() {
     local input_file="$1"
@@ -21,6 +48,19 @@ generate_ipset_config() {
     local ip_version="$3"
     local set_name="$4"
     local family="$5"
+    local iptables_cmd="iptables"
+    local rule_primary=""
+    local rule_secondary=""
+
+    [ "${family}" = "inet6" ] && iptables_cmd="ip6tables"
+
+    if printf "%s" "${set_name}" | grep -q '^blacklist-vk'; then
+        rule_primary="${iptables_cmd} -I OUTPUT -m set --match-set ${set_name} dst -j REJECT"
+        rule_secondary="${iptables_cmd} -I FORWARD -m set --match-set ${set_name} dst -j REJECT"
+    else
+        rule_primary="${iptables_cmd} -I INPUT -m set --match-set ${set_name} src -m conntrack --ctstate NEW -j DROP"
+        rule_secondary="${iptables_cmd} -I FORWARD -m set --match-set ${set_name} src -m conntrack --ctstate NEW -j DROP"
+    fi
 
     # Count entries for hash size calculation
     local count=$(wc -l < "${input_file}" | tr -d ' ')
@@ -38,8 +78,8 @@ generate_ipset_config() {
 #      ipset restore < $(basename ${output_file})
 #
 #   2. Use with iptables/ip6tables:
-#      iptables -I INPUT -m set --match-set ${set_name} src -m conntrack --ctstate NEW -j DROP
-#      iptables -I FORWARD -m set --match-set ${set_name} src -m conntrack --ctstate NEW -j DROP
+#      ${rule_primary}
+${rule_secondary:+#      ${rule_secondary}}
 #
 #   3. To flush/delete the set:
 #      ipset flush ${set_name}
@@ -63,6 +103,8 @@ EOF
 # Generate ipset configurations from blacklist files
 generate_ipset_config "${blacklist_v4_file}" "${iptables_v4_output_file}" "(IPv4 only)" "blacklist-v4" "inet"
 generate_ipset_config "${blacklist_v6_file}" "${iptables_v6_output_file}" "(IPv6 only)" "blacklist-v6" "inet6"
+generate_ipset_config "${blacklist_vk_v4_file}" "${iptables_vk_v4_output_file}" "(VK names, IPv4 only)" "blacklist-vk-v4" "inet"
+generate_ipset_config "${blacklist_vk_v6_file}" "${iptables_vk_v6_output_file}" "(VK names, IPv6 only)" "blacklist-vk-v6" "inet6"
 
 # For mixed file, we need to create two sets (IPv4 and IPv6) as ipset doesn't support mixed families
 cat > "${iptables_output_file}" << EOF
@@ -94,3 +136,43 @@ tail -n +2 "${iptables_v6_output_file}" | grep -E "^(create|add)" >> "${iptables
 
 echo "✓ Generated (mixed IPv4/IPv6): ${iptables_output_file}"
 echo "  Total entries: $(wc -l < "${blacklist_file}" | tr -d ' ')"
+
+# Generate mixed VK-only ipset file (contains both v4 and v6 sets)
+cat > "${iptables_vk_output_file}" << EOF
+# IPSet blacklist configuration (VK names: VK Cloud / VKCOMPANY / VKONTAKTE)
+# Auto-generated from name-filtered auto/*.txt sources
+# Last updated: $(date -u +"%Y-%m-%d %H:%M:%S UTC")
+#
+# Usage:
+#   1. Load the ipset:
+#      ipset restore < $(basename "${iptables_vk_output_file}")
+#
+#   2. Use with iptables/ip6tables:
+#      iptables -I OUTPUT -m set --match-set blacklist-vk-v4 dst -j REJECT
+#      iptables -I FORWARD -m set --match-set blacklist-vk-v4 dst -j REJECT
+#      ip6tables -I OUTPUT -m set --match-set blacklist-vk-v6 dst -j REJECT
+#      ip6tables -I FORWARD -m set --match-set blacklist-vk-v6 dst -j REJECT
+#
+#   3. To flush/delete the sets:
+#      ipset flush blacklist-vk-v4 && ipset destroy blacklist-vk-v4
+#      ipset flush blacklist-vk-v6 && ipset destroy blacklist-vk-v6
+#
+
+EOF
+
+tail -n +2 "${iptables_vk_v4_output_file}" | grep -E "^(create|add)" >> "${iptables_vk_output_file}"
+echo "" >> "${iptables_vk_output_file}"
+tail -n +2 "${iptables_vk_v6_output_file}" | grep -E "^(create|add)" >> "${iptables_vk_output_file}"
+
+echo "✓ Generated (VK names, mixed IPv4/IPv6): ${iptables_vk_output_file}"
+echo "  Total entries: $(wc -l < "${blacklist_vk_file}" | tr -d ' ')"
+
+echo ""
+echo "VK outgoing block examples (iptables/ipset):"
+echo "  ipset restore < ${iptables_vk_output_file}"
+echo "  iptables -I OUTPUT -m set --match-set blacklist-vk-v4 dst -j REJECT"
+echo "  iptables -I FORWARD -m set --match-set blacklist-vk-v4 dst -j REJECT"
+echo "  ip6tables -I OUTPUT -m set --match-set blacklist-vk-v6 dst -j REJECT"
+echo "  ip6tables -I FORWARD -m set --match-set blacklist-vk-v6 dst -j REJECT"
+echo ""
+echo "Tip: Do not install Messenger MAX on the same phone/device that has VPN access configured."

blacklists_updater_nftables.sh

@@ -0,0 +1,84 @@
+#!/bin/bash
+# Generates nftables blacklist configurations from the main blacklist
+
+set -e
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+INPUT_FILE="$SCRIPT_DIR/blacklists/blacklist.txt"
+OUTPUT_DIR="$SCRIPT_DIR/blacklists_nftables"
+
+# Source files for name-based VK filtering
+AUTO_ALL_V4_FILE="$SCRIPT_DIR/auto/all-ru-ipv4.txt"
+AUTO_ALL_V6_FILE="$SCRIPT_DIR/auto/all-ru-ipv6.txt"
+AUTO_RIPE_V4_FILE="$SCRIPT_DIR/auto/ripe-ru-ipv4.txt"
+VK_NAME_PATTERN='VK[[:space:]-]*CLOUD|VKCOMPANY|VKONTAKTE'
+
+# Additional VK-only text blacklists
+VK_INPUT_FILE="$SCRIPT_DIR/blacklists/blacklist-vk.txt"
+VK_INPUT_V4_FILE="$SCRIPT_DIR/blacklists/blacklist-vk-v4.txt"
+VK_INPUT_V6_FILE="$SCRIPT_DIR/blacklists/blacklist-vk-v6.txt"
+
+# Create output directory if it doesn't exist
+mkdir -p "$OUTPUT_DIR"
+
+echo "Generating nftables blacklists..."
+
+# Build additional VK-only blacklist from network names in auto/*.txt files
+TMP_VK_FILE="$(mktemp "$SCRIPT_DIR/blacklists/.blacklist-vk.XXXXXX")"
+for source_file in "$AUTO_ALL_V4_FILE" "$AUTO_ALL_V6_FILE" "$AUTO_RIPE_V4_FILE"; do
+    [[ -f "$source_file" ]] || continue
+    awk -v pattern="$VK_NAME_PATTERN" 'BEGIN { IGNORECASE = 1 } $0 ~ pattern { print $1 }' "$source_file" >> "$TMP_VK_FILE"
+done
+sort -u "$TMP_VK_FILE" > "$VK_INPUT_FILE"
+grep ':' "$VK_INPUT_FILE" | sort -u > "$VK_INPUT_V6_FILE" || true
+grep -v ':' "$VK_INPUT_FILE" | sort -u > "$VK_INPUT_V4_FILE" || true
+rm -f "$TMP_VK_FILE"
+
+# Generate mixed IPv4/IPv6 blacklist
+python3 "$SCRIPT_DIR/generate_nft_blacklist.py" \
+    "$INPUT_FILE" \
+    "$OUTPUT_DIR/blacklist.nft"
+
+# Generate IPv4-only blacklist
+TMP_V4_FILE="/tmp/blacklist-v4.txt"
+TMP_V6_FILE="/tmp/blacklist-v6.txt"
+grep -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+' "$INPUT_FILE" > "$TMP_V4_FILE" || true
+python3 "$SCRIPT_DIR/generate_nft_blacklist.py" \
+    "$TMP_V4_FILE" \
+    "$OUTPUT_DIR/blacklist-v4.nft"
+
+# Generate IPv6-only blacklist
+grep -E '^[0-9a-fA-F:]+:' "$INPUT_FILE" > "$TMP_V6_FILE" || true
+python3 "$SCRIPT_DIR/generate_nft_blacklist.py" \
+    "$TMP_V6_FILE" \
+    "$OUTPUT_DIR/blacklist-v6.nft"
+
+# Generate VK-only blacklists (network names: VK Cloud / VKCOMPANY / VKONTAKTE)
+python3 "$SCRIPT_DIR/generate_nft_blacklist.py" \
+    "$VK_INPUT_FILE" \
+    "$OUTPUT_DIR/blacklist-vk.nft"
+python3 "$SCRIPT_DIR/generate_nft_blacklist.py" \
+    "$VK_INPUT_V4_FILE" \
+    "$OUTPUT_DIR/blacklist-vk-v4.nft"
+python3 "$SCRIPT_DIR/generate_nft_blacklist.py" \
+    "$VK_INPUT_V6_FILE" \
+    "$OUTPUT_DIR/blacklist-vk-v6.nft"
+
+# Clean up temp files
+rm -f "$TMP_V4_FILE" "$TMP_V6_FILE"
+
+echo "nftables blacklists generated successfully!"
+echo ""
+echo "VM incoming block examples (all lists, nftables):"
+echo "  sudo nft -f $OUTPUT_DIR/blacklist.nft"
+echo "  sudo nft add chain inet filter input '{ type filter hook input priority 0; policy accept; }'"
+echo "  sudo nft add rule inet filter input ip saddr @blacklist_v4 counter reject"
+echo "  sudo nft add rule inet filter input ip6 saddr @blacklist_v6 counter reject"
+echo ""
+echo "VK outbound block examples for VPN clients via NAT (nftables):"
+echo "  sudo nft -f $OUTPUT_DIR/blacklist-vk.nft"
+echo "  sudo nft add chain inet filter forward '{ type filter hook forward priority 0; policy accept; }'"
+echo "  sudo nft add rule inet filter forward iifname \"<VPN_IFACE>\" ip daddr @blacklist_v4 counter reject"
+echo "  sudo nft add rule inet filter forward iifname \"<VPN_IFACE>\" ip6 daddr @blacklist_v6 counter reject"
+echo ""
+echo "Tip: Do not install Messenger MAX on the same phone/device that has VPN access configured."

blacklists_updater_routes.sh

@@ -0,0 +1,78 @@
+#!/bin/sh
+
+set -e
+
+SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
+
+# Source files for name-based VK filtering
+AUTO_ALL_V4_FILE="${SCRIPT_DIR}/auto/all-ru-ipv4.txt"
+AUTO_ALL_V6_FILE="${SCRIPT_DIR}/auto/all-ru-ipv6.txt"
+AUTO_RIPE_V4_FILE="${SCRIPT_DIR}/auto/ripe-ru-ipv4.txt"
+VK_NAME_PATTERN='VK[[:space:]-]*CLOUD|VKCOMPANY|VKONTAKTE'
+
+# Additional VK-only text blacklists
+VK_INPUT_FILE="${SCRIPT_DIR}/blacklists/blacklist-vk.txt"
+VK_INPUT_V4_FILE="${SCRIPT_DIR}/blacklists/blacklist-vk-v4.txt"
+VK_INPUT_V6_FILE="${SCRIPT_DIR}/blacklists/blacklist-vk-v6.txt"
+
+# Output directory and files
+ROUTES_OUTPUT_DIR="${SCRIPT_DIR}/blacklists_route"
+ROUTES_V4_FILE="${ROUTES_OUTPUT_DIR}/blacklist-vk-v4.routes"
+ROUTES_V6_FILE="${ROUTES_OUTPUT_DIR}/blacklist-vk-v6.routes"
+
+mkdir -p "${ROUTES_OUTPUT_DIR}" "${SCRIPT_DIR}/blacklists"
+
+echo "Generating VK route blacklists..."
+
+# Build additional VK-only blacklist from network names in auto/*.txt files
+TMP_VK_FILE="$(mktemp "${SCRIPT_DIR}/blacklists/.blacklist-vk.XXXXXX")"
+for source_file in "${AUTO_ALL_V4_FILE}" "${AUTO_ALL_V6_FILE}" "${AUTO_RIPE_V4_FILE}"; do
+	[ -f "${source_file}" ] || continue
+	awk -v pattern="${VK_NAME_PATTERN}" 'BEGIN { IGNORECASE = 1 } $0 ~ pattern { print $1 }' "${source_file}" >> "${TMP_VK_FILE}"
+done
+
+sort -u "${TMP_VK_FILE}" > "${VK_INPUT_FILE}"
+grep ':' "${VK_INPUT_FILE}" | sort -u > "${VK_INPUT_V6_FILE}" || true
+grep -v ':' "${VK_INPUT_FILE}" | sort -u > "${VK_INPUT_V4_FILE}" || true
+rm -f "${TMP_VK_FILE}"
+
+# Generate IPv4 routes file (route VK prefixes to loopback via 127.0.0.1)
+cat > "${ROUTES_V4_FILE}" << EOF
+# Linux routes for VK networks (IPv4)
+# Auto-generated by $(basename "$0")
+# Last updated: $(date -u +"%Y-%m-%d %H:%M:%S UTC")
+#
+# Apply:
+#   sudo sh $(basename "${ROUTES_V4_FILE}")
+#
+
+EOF
+
+while IFS= read -r network; do
+	[ -n "${network}" ] || continue
+	printf 'ip route replace %s via 127.0.0.1 dev lo onlink\n' "${network}" >> "${ROUTES_V4_FILE}"
+done < "${VK_INPUT_V4_FILE}"
+
+# Generate IPv6 routes file (route VK prefixes to loopback via ::1)
+cat > "${ROUTES_V6_FILE}" << EOF
+# Linux routes for VK networks (IPv6)
+# Auto-generated by $(basename "$0")
+# Last updated: $(date -u +"%Y-%m-%d %H:%M:%S UTC")
+#
+# Apply:
+#   sudo sh $(basename "${ROUTES_V6_FILE}")
+#
+
+EOF
+
+while IFS= read -r network; do
+	[ -n "${network}" ] || continue
+	printf 'ip -6 route replace %s via ::1 dev lo\n' "${network}" >> "${ROUTES_V6_FILE}"
+done < "${VK_INPUT_V6_FILE}"
+
+echo "✓ Generated: ${ROUTES_V4_FILE} (entries: $(wc -l < "${VK_INPUT_V4_FILE}" | tr -d ' '))"
+echo "✓ Generated: ${ROUTES_V6_FILE} (entries: $(wc -l < "${VK_INPUT_V6_FILE}" | tr -d ' '))"
+echo ""
+echo "Examples:"
+echo "  sudo sh ${ROUTES_V4_FILE}"
+echo "  sudo sh ${ROUTES_V6_FILE}"

check_nft_blacklist.py

@@ -0,0 +1,113 @@
+#!/usr/bin/env python3
+"""
+check_nft_blacklist.py
+Checks if an IP address is in the nftables blacklist configuration.
+Usage:
+  check_nft_blacklist.py nft_bl.conf 192.168.1.1
+  check_nft_blacklist.py nft_bl.conf 2001:db8::1
+"""
+
+import sys
+import re
+from ipaddress import ip_address, ip_network, AddressValueError
+from pathlib import Path
+
+def parse_nft_config(config_path):
+    """Extract IPv4 and IPv6 prefixes from nftables config."""
+    p = Path(config_path)
+    if not p.exists():
+        raise FileNotFoundError(f"Config file not found: {config_path}")
+    
+    content = p.read_text(encoding="utf-8")
+    v4_prefixes = []
+    v6_prefixes = []
+    
+    # Parse IPv4 set (blacklist_v4)
+    v4_match = re.search(
+        r'set blacklist_v4\s*\{[^}]*elements\s*=\s*\{([^}]+)\}',
+        content,
+        re.DOTALL
+    )
+    if v4_match:
+        elements = v4_match.group(1)
+        # Extract all CIDR notations
+        for match in re.finditer(r'(\d+\.\d+\.\d+\.\d+(?:/\d+)?)', elements):
+            try:
+                v4_prefixes.append(ip_network(match.group(1), strict=False))
+            except Exception as e:
+                print(f"Warning: Could not parse IPv4 prefix '{match.group(1)}': {e}", file=sys.stderr)
+    
+    # Parse IPv6 set (blacklist_v6)
+    v6_match = re.search(
+        r'set blacklist_v6\s*\{[^}]*elements\s*=\s*\{([^}]+)\}',
+        content,
+        re.DOTALL
+    )
+    if v6_match:
+        elements = v6_match.group(1)
+        # Extract all IPv6 CIDR notations
+        for match in re.finditer(r'([0-9a-fA-F:]+(?:/\d+)?)', elements):
+            try:
+                v6_prefixes.append(ip_network(match.group(1), strict=False))
+            except Exception as e:
+                # Skip false matches from comments or other text
+                pass
+    
+    return v4_prefixes, v6_prefixes
+
+def check_ip_in_blacklist(ip_addr, v4_prefixes, v6_prefixes):
+    """Check if IP address is in any of the blacklist prefixes."""
+    try:
+        addr = ip_address(ip_addr)
+    except AddressValueError as e:
+        raise ValueError(f"Invalid IP address: {ip_addr} ({e})")
+    
+    prefixes = v4_prefixes if addr.version == 4 else v6_prefixes
+    
+    for prefix in prefixes:
+        if addr in prefix:
+            return True, prefix
+    
+    return False, None
+
+def main(argv):
+    if len(argv) < 3:
+        print("Usage: python3 check_nft_blacklist.py <nft_config.conf> <ip_address>")
+        print("Examples:")
+        print("  check_nft_blacklist.py nft_bl.conf 192.168.1.1")
+        print("  check_nft_blacklist.py nft_bl.conf 2001:db8::1")
+        return 2
+    
+    config_file = argv[1]
+    ip_to_check = argv[2]
+    
+    # Parse the nftables config
+    try:
+        print(f"Loading blacklist from: {config_file}")
+        v4_prefixes, v6_prefixes = parse_nft_config(config_file)
+        print(f"Loaded {len(v4_prefixes)} IPv4 prefixes and {len(v6_prefixes)} IPv6 prefixes")
+    except Exception as e:
+        print(f"ERROR: Could not parse config file: {e}", file=sys.stderr)
+        return 3
+    
+    # Check if IP is in blacklist
+    try:
+        is_blocked, matching_prefix = check_ip_in_blacklist(ip_to_check, v4_prefixes, v6_prefixes)
+        
+        print(f"\nChecking IP: {ip_to_check}")
+        print("-" * 50)
+        
+        if is_blocked:
+            print(f"✗ BLOCKED - IP is in blacklist")
+            print(f"  Matching prefix: {matching_prefix}")
+            return 1
+        else:
+            print(f"✓ OK - IP is NOT in blacklist")
+            return 0
+            
+    except ValueError as e:
+        print(f"ERROR: {e}", file=sys.stderr)
+        return 4
+
+if __name__ == "__main__":
+    sys.exit(main(sys.argv))

generate_nft_blacklist.py

@@ -0,0 +1,155 @@
+#!/usr/bin/env python3
+"""
+generate_nft_blacklist.py
+Reads prefixes from a file or stdin, aggregates them and writes nftables config.
+Uses named sets for efficient blacklist management.
+Usage:
+  git clone https://github.com/C24Be/AS_Network_List.git
+  generate_nft_blacklist.py ./AS_Network_List/blacklists/blacklist.txt nft_bl.conf
+  cp nft_bl.conf /etc/nftables.d/
+  systemctl restart nftables
+"""
+
+import sys
+from ipaddress import ip_network, collapse_addresses
+from pathlib import Path
+from datetime import datetime
+
+def read_lines(path_or_dash):
+    if path_or_dash == "-":
+        print("Reading prefixes from STDIN...")
+        return [ln.rstrip("\n") for ln in sys.stdin]
+    p = Path(path_or_dash)
+    if not p.exists():
+        raise FileNotFoundError(f"Input file not found: {path_or_dash}")
+    text = p.read_text(encoding="utf-8")
+    return text.splitlines()
+
+def aggregate_prefixes(lines):
+    v4, v6, invalid = [], [], []
+    for lineno, ln in enumerate(lines, start=1):
+        s = ln.strip()
+        if not s or s.startswith("#"):
+            continue
+        try:
+            net = ip_network(s, strict=False)
+            if net.version == 4:
+                v4.append(net)
+            else:
+                v6.append(net)
+        except Exception as e:
+            invalid.append((lineno, s, str(e)))
+    agg_v4 = list(collapse_addresses(sorted(v4, key=lambda x: (int(x.network_address), x.prefixlen))))
+    agg_v6 = list(collapse_addresses(sorted(v6, key=lambda x: (int(x.network_address), x.prefixlen))))
+    return agg_v4, agg_v6, invalid
+
+def make_nft_config(agg_v4, agg_v6, comment=None):
+    lines = []
+    lines.append("# Autogenerated nftables blacklist")
+    lines.append(f"# Generated: {datetime.utcnow().isoformat()}Z")
+    if comment:
+        lines.append(f"# {comment}")
+    lines.append(f"# IPv4: {len(agg_v4)}, IPv6: {len(agg_v6)}")
+    lines.append("")
+    lines.append("table inet filter {")
+    lines.append("")
+    
+    # Define IPv4 blacklist set
+    lines.append("    set blacklist_v4 {")
+    lines.append("        type ipv4_addr")
+    lines.append("        flags interval")
+    if agg_v4:
+        lines.append("        elements = {")
+        for i, net in enumerate(agg_v4):
+            comma = "," if i < len(agg_v4) - 1 else ""
+            lines.append(f"            {net.with_prefixlen}{comma}")
+        lines.append("        }")
+    lines.append("    }")
+    lines.append("")
+    
+    # Define IPv6 blacklist set
+    lines.append("    set blacklist_v6 {")
+    lines.append("        type ipv6_addr")
+    lines.append("        flags interval")
+    if agg_v6:
+        lines.append("        elements = {")
+        for i, net in enumerate(agg_v6):
+            comma = "," if i < len(agg_v6) - 1 else ""
+            lines.append(f"            {net.with_prefixlen}{comma}")
+        lines.append("        }")
+    lines.append("    }")
+    lines.append("")
+    
+    # Define input chain with set lookups
+    lines.append("    chain input {")
+    lines.append("        type filter hook input priority 0;")
+    lines.append("        policy accept;")
+    lines.append("")
+    lines.append("        ct state { established, related } accept")
+    lines.append("")
+    if agg_v4:
+        lines.append("        ip saddr @blacklist_v4 counter drop")
+    if agg_v6:
+        lines.append("        ip6 saddr @blacklist_v6 counter drop")
+    lines.append("    }")
+    lines.append("}")
+    return "\n".join(lines)
+
+def write_output(outpath, content):
+    if outpath == "-":
+        print(content)
+        return
+    p = Path(outpath)
+    p.write_text(content, encoding="utf-8")
+    p.chmod(0o644)
+    print(f"Wrote nft config to: {p} (size: {p.stat().st_size} bytes)")
+
+def main(argv):
+    if len(argv) < 3:
+        print("Usage: python3 generate_nft_blacklist.py input.txt output.conf")
+        print("Use '-' as input or output to mean STDIN/STDOUT respectively.")
+        return 2
+
+    infile, outfile = argv[1], argv[2]
+    try:
+        lines = read_lines(infile)
+    except Exception as e:
+        print(f"ERROR reading input: {e}", file=sys.stderr)
+        return 3
+
+    if not any(line.strip() and not line.strip().startswith("#") for line in lines):
+        print("WARNING: input contains no prefixes (empty or only comments). Nothing to aggregate.")
+        nft_conf = make_nft_config([], [], comment="Empty input produced no prefixes")
+        write_output(outfile, nft_conf)
+        return 0
+
+    agg_v4, agg_v6, invalid = aggregate_prefixes(lines)
+
+    if invalid:
+        print("Some lines could not be parsed (line, text, error):")
+        for ln, txt, err in invalid:
+            print(f"  {ln}: '{txt}' --> {err}", file=sys.stderr)
+
+    print(f"Aggregated IPv4 prefixes: {len(agg_v4)}")
+    for n in agg_v4:
+        print("  v4:", n)
+    print(f"Aggregated IPv6 prefixes: {len(agg_v6)}")
+    for n in agg_v6:
+        print("  v6:", n)
+
+    nft_conf = make_nft_config(agg_v4, agg_v6, comment=f"Source: {infile}")
+    try:
+        write_output(outfile, nft_conf)
+    except Exception as e:
+        print(f"ERROR writing output: {e}", file=sys.stderr)
+        return 4
+
+    print("Done.")
+    print("Load with: sudo nft -f <output.conf>")
+    print("View counters: sudo nft list chain inet filter input -a")
+    print("View sets: sudo nft list set inet filter blacklist_v4")
+    print("           sudo nft list set inet filter blacklist_v6")
+    return 0
+
+if __name__ == "__main__":
+    sys.exit(main(sys.argv))