README.md (4 additions & 2 deletions)
@@ -3,7 +3,9 @@ I block the ASN address ranges of a large number of server rental companies as a
3
3
4
4
***<ahref="https://raw.githubusercontent.com/wallacebrf/dns/refs/heads/main/ASN_LIST.txt">ASN_LIST.txt</a>*** --> list of the ASNs I block on my Fortigate IPSEC local-in policies. This shows the names of the ASN and the revision history tracking of when i added new ASN entires
5
5
6
-
***<ahref="https://raw.githubusercontent.com/wallacebrf/dns/refs/heads/main/ASN_Update.sh">ASN_Update.sh</a>*** combined with ***<ahref="https://raw.githubusercontent.com/wallacebrf/dns/refs/heads/main/ASN.txt">ASN.txt</a>*** --> script I use to pull all of the IP address details for all ASNs in ***```ASN.txt```*** and save the results into ***```asn_blockX.Y.txt```*** files so I can use my fortigate's external threat feeds to import the results. The script downloads (as of 12/22/2025) 38,940 subnet ranges, some of the ranges go as large as a /8 subnet! The ```ASN.txt``` is the raw listing of the blocked ASNs used by the shell script, while ```ASN_List.txt``` is the user-readable and revision history details of the ASNs being blocked as previously detailed.
6
+
***<ahref="https://raw.githubusercontent.com/wallacebrf/dns/refs/heads/main/ASN_Update.sh">ASN_Update.sh</a>*** combined with ***<ahref="https://raw.githubusercontent.com/wallacebrf/dns/refs/heads/main/ASN.txt">ASN.txt</a>*** --> script I use to pull all of the IP address details for all ASNs in ***```ASN.txt```*** and save the results into ***```asn_blockX.Y.txt```*** files so I can use my fortigate's external threat feeds to import the results. The script downloads (as of 1/21/2026) 38,974 subnet ranges, some of the ranges go as large as a /8 subnet! The ```ASN.txt``` is the raw listing of the blocked ASNs used by the shell script, while ```ASN_List.txt``` is the user-readable and revision history details of the ASNs being blocked as previously detailed.
7
+
8
+
Please note this script requires the external binary ```aggregate6``` written by https://github.com/job/aggregate6. A copy of the aggregate6 binary is included in this repo as well.
7
9
8
10
***<ahref="https://raw.githubusercontent.com/wallacebrf/dns/refs/heads/main/asn_block1.1.txt">asn_block1.1.txt</a>*** --> The resulting files made when running the ```ASN_Update.sh``` script. any one Fortigate external threat feed can only handle 131,000 entries, and the script ensures the files are maxed out and aggregates everything into as few files as possible
9
11
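Review bot: The added aggregate6 sentence says a copy of the binary is included in this repo but gives no upstream version or checksum, so a reader cannot confirm that the bundled file matches what https://github.com/job/aggregate6 publishes. Suggest naming the release it was taken from and listing a SHA-256 beside it, or telling users to install it from upstream instead. The phrase "written by https://github.com/job/aggregate6" would also read better as "from https://github.com/job/aggregate6", since the link is a project and not an author.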
@@ -12,7 +14,7 @@ I block the ASN address ranges of a large number of server rental companies as a
12
14
### 2.) Web Filter Blocks
13
15
While the fortigate firewalls do have built in web-filters for advertisements and known malicious actors, it is not blocking everything I would like it to. As such I wanted to use the plethora of Pie-Hole block lists, especially the lists at this amazing site https://firebog.net/. The issue is that these lists are not formatted in the way the Fortigate external threat feeds will accept. As a result I made a script that will download all of the separate lists, format the entries to be compatible with the external threat feeds, and save the entries into separate files with 131,000 entries per file since that is the limit of the threat feeds.
14
16
15
-
***<ahref="https://github.com/wallacebrf/dns/blob/main/webblock.sh">webblock.sh</a>*** --> This script pulls the domain names used in multiple Pie-Hole DNS block lists contained in ***<ahref="https://raw.githubusercontent.com/wallacebrf/dns/refs/heads/main/web_block_source.txt">web_block_source.txt</a>***. The script formats the data in a way compatible with the fortigate since pie hole lists are formatted as HOST files. The script also performs a little more filtering, but most importantly to removes duplicate entries. For example, currently the PHP script downloads (as of 12/22/2025) 2,705,927 entries and after removing duplicates, has 1,894,589 unique entries being blocked.
17
+
***<ahref="https://github.com/wallacebrf/dns/blob/main/webblock.sh">webblock.sh</a>*** --> This script pulls the domain names used in multiple Pie-Hole DNS block lists contained in ***<ahref="https://raw.githubusercontent.com/wallacebrf/dns/refs/heads/main/web_block_source.txt">web_block_source.txt</a>***. The script formats the data in a way compatible with the fortigate since pie hole lists are formatted as HOST files. The script also performs a little more filtering, but most importantly to removes duplicate entries. For example, currently the PHP script downloads (as of 1/21/2026) 1,977,750 entries and after removing duplicates, has 1,287,318 unique entries being blocked.
16
18
17
19
I then use the WEB filter profile within my Fortigate firewall with the resulting ```web_blockX.txt``` files as external threat feed to block significant amounts of ads, tracking, and malicious sites on top of what fortinet already blocks.
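Review bot: The updated webblock.sh line drops the downloaded total from 2,705,927 to 1,977,750 entries and the unique total from 1,894,589 to 1,287,318 without saying why. A drop of that size can mean a source in web_block_source.txt was removed or returned nothing, which would silently shrink the block feed, so state the reason in the README or the commit message and consider having the script warn when a source list downloads empty. The same line still calls webblock.sh "the PHP script" and reads "to removes duplicate entries"; both could be corrected while the line is being changed.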