How to Block ASN (Autonomous System Number)

I need block using asn provider. Is this possible? y need change with agregate this fuction

you can do this using an additional dnsmasq configuration file, this to prevent losing the configuration after pihole -up.

example, assume the following.
you want to block everything from google ("asn":15169,"name":"GOOGLE")

{"status":"ok","status_message":"Query was successful","data":{"ip":"","ptr_record":"","prefixes":[{"prefix":"\/24","ip":"","cidr":24,"asn":{"asn":15169,"name":"GOOGLE","description":"Google LLC","country_code":"US"},"name":"GOOGLE","description":"Google LLC","country_code":"US"},{"prefix":"\/15","ip":"","cidr":15,"asn":{"asn":15169,"name":"GOOGLE","description":"Google LLC","country_code":"US"},"name":"GOOGLE","description":"Google LLC","country_code":"US"}],"rir_allocation":{"rir_name":"ARIN","country_code":null,"ip":"","cidr":15,"prefix":"\/15","date_allocated":"2012-05-24 00:00:00","allocation_status":"allocated"},"iana_assignment":{"assignment_status":"legacy","description":"Administered by ARIN","whois_server":"","date_assigned":null},"maxmind":{"country_code":null,"city":null}},"@meta":{"time_zone":"UTC","api_version":1,"execution_time":"685.45 ms"}}

notice the ip ( and cidr (24), combined in the prefix (

  • create an extra file /etc/dnsmasq.d/xx-asnblock.conf, replace xx with the next free number, content:
    option 1: bogus-nxdomain=
    option 2: ignore-address=

use one of the two options, not both.
option 1 will deliver an immediate NXDOMAIN reply
option 2 will simply timeout (when using dig)

ensure there is an extra linefeed after the line with the option you have chosen.
now restart FTL (sudo service pihole-FTL restart. done...

get asn info from IP ->
get asn info by asn number ->
get all prefixes for specific asn number ->

read the dnsmasq man for info on the options

1 Like

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.