A Golang tool to whitelist ASNs based on organization name

goAllowOrgs

A Golang tool to whitelist ASNs based on organization name. You provide a list of ASN org names; the tool uses gopacket to monitor incoming traffic, captures each connecting IP, and checks whether that IP is part of a whitelisted ASN. If it is not, the tool blocks that connection and future connections using iptables.

Uses

  • Whitelisting common ISP and target ASNs, which in turn blocks connections from data centers (think security tools).
  • Can be run on any host; it doesn't require a proxy or anything else, since it's simply a packet sniffer.

Disclaimers

  • This tool is fairly janky: because it blocks traffic only after the IP connects, the first few packets may get through. This is not a problem if you have SSL, since the SSL handshake takes long enough for the connection to be dropped. If it is a single web page on port 80, the page may be returned in cases where the tool does not kill the connection fast enough.
  • Must be run as root

Getting Started

Install libpcap, pull the ASN data from db-ip and the asnlookup utilities, and add the required header to the CSV:

sudo apt-get install libpcap-dev
curl https://download.db-ip.com/free/dbip-asn-lite-2021-06.csv.gz -o asndata.csv.gz
gunzip asndata.csv.gz
sed -i '1 i\first,last,asn,org_name' asndata.csv
curl -fsSL https://github.com/banviktor/asnlookup/releases/download/v0.1.0/asnlookup-linux-amd64-v0.1.0.tar.gz | sudo tar -zx 
curl https://raw.githubusercontent.com/banviktor/asnlookup/main/hack/pull_rib.sh -o pull_rib.sh
chmod +x pull_rib.sh
./pull_rib.sh
bzcat rib.*.bz2 | ./asnlookup-utils convert --input - --output asn.db
touch allowed_orgs.txt

Now populate the allowed_orgs.txt file with line-delimited strings of allowed orgs, for example:

att
verizon
charter
spectrum

Now you should be ready to run the tool:

root@ip-10-10-90-48:/home/jordan/test# ./main -h
                  _  _
 __ _  ___  __ _ | || | ___ __ __ __ ___  _ _  __ _
/ _` |/ _ \/ _` || || |/ _ \\ V  V // _ \| '_|/ _` |
\__, |\___/\__,_||_||_|\___/ \_/\_/ \___/|_|  \__, |
|___/                                         |___/
Usage of ./main:
  -asn_csv string
        CSV file with org name to ASN number (default "asndata.csv")
  -asn_db string
        ASN database (default "asn.db")
  -interface string
        Interface name (default "ens5")
  -orgs string
        File with line delimited orgs to allow (default "allowed_orgs.txt")
  -output string
        Log file name (default "goFW.log")
  -port string
        Port to monitor (default "443")
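
How an org-name allowlist becomes a per-IP decision over the first,last,asn,org_name CSV, as an added Go example (not goAllowOrgs' own code). It assumes case-insensitive substring matching on org_name, which this README does not specify; the function names and sample rows are constructed for illustration.

```go
package main

import (
	"encoding/csv"
	"fmt"
	"net/netip"
	"strings"
)

// Constructed rows in the first,last,asn,org_name layout (documentation IPs, private-use ASNs).
const sampleCSV = `first,last,asn,org_name
198.51.100.0,198.51.100.255,64501,Example Cloud Hosting LLC
203.0.113.0,203.0.113.127,64502,"ATT Example Services, Inc."
203.0.113.128,203.0.113.255,64503,Seattle Example Datacenter
`
type ipRange struct{ first, last netip.Addr; org string }

// loadAllowed keeps ranges whose org_name contains an allowed string (assumed rule, see lead-in).
func loadAllowed(data string, orgs []string) (out []ipRange, err error) {
	rd := csv.NewReader(strings.NewReader(data))
	rd.FieldsPerRecord = 4 // reject files that are not first,last,asn,org_name
	rows, err := rd.ReadAll()
	for _, row := range rows { // the header and malformed rows fail ParseAddr and are skipped
		first, e1 := netip.ParseAddr(row[0])
		last, e2 := netip.ParseAddr(row[1])
		for _, o := range orgs {
			if e1 == nil && e2 == nil && strings.Contains(strings.ToLower(row[3]), strings.ToLower(o)) {
				out = append(out, ipRange{first, last, row[3]})
				break
			}
		}
	}
	return out, err
}

// isAllowed denies unparsable input and any address outside the allowed ranges.
func isAllowed(ranges []ipRange, ip string) bool {
	addr, err := netip.ParseAddr(ip)
	for _, r := range ranges {
		if err == nil && addr.Compare(r.first) >= 0 && addr.Compare(r.last) <= 0 {
			return true
		}
	}
	return false
}

func main() {
	ranges, err := loadAllowed(sampleCSV, []string{"att", "verizon"})
	fmt.Println(len(ranges), err, isAllowed(ranges, "198.51.100.5"), isAllowed(ranges, "203.0.113.200"))
}
```

Under substring matching, the entry att also admits "Seattle Example Datacenter", so review which org names each allowlist entry actually matched before relying on it.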