First version

README.md

@@ -0,0 +1,104 @@
+# netflix-asn
+
+A small **Python utility** that fetches IPv4/IPv6 prefixes announced by one or more ASNs (via the [BGPView API](https://bgpview.io/api)) and ensures those prefixes are present in a MikroTik **IP firewall address-list**.  
+
+It’s designed to run inside **Docker** — using a `Dockerfile` and `docker-compose.yml`.
+
+## Features
+
+- Fetches all IPv4/IPv6 prefixes announced by one or more ASNs.
+- Adds missing prefixes to a MikroTik address-list.
+- Skips existing entries to avoid duplicates.
+- Logs progress and errors clearly.
+- Suitable for manual or scheduled execution.
+
+## Quick Start
+
+1. Create a `.env` file (see [Example .env](#example-env)).
+2. Build the Docker image:
+
+   ```bash
+   docker-compose build
+   ```
+
+3. Run the container:
+
+   ```bash
+   docker-compose up -d
+   ```
+
+4. View logs:
+
+   ```bash
+   docker-compose logs -f asn-syncer
+   ```
+
+## Example `.env`
+
+```env
+# Target ASN(s) — default is AS2906 (Netflix)
+ASN=AS55095,AS40027,AS394406,AS2906
+
+# MikroTik API connection
+MIKROTIK_HOST=192.168.88.1
+USERNAME=admin
+PASSWORD=verysecret
+
+# Name of the address-list on the MikroTik
+ADDRESS_LIST_NAME=Netflix
+```
+
+> **Tip:** Keep your `.env` file out of version control.  
+> Use Docker secrets or a secure secrets manager for production deployments.
+
+## Environment Variables
+
+| Variable            | Required | Default   | Description                                          |
+|---------------------|----------|-----------|------------------------------------------------------|
+| `ASN`               | No       | `AS2906`  | Comma-separated list of ASNs to fetch prefixes from. |
+| `MIKROTIK_HOST`     | Yes      | —         | IP or hostname of the MikroTik device.               |
+| `USERNAME`          | Yes      | —         | MikroTik API username.                               |
+| `PASSWORD`          | Yes      | —         | MikroTik API password.                               |
+| `ADDRESS_LIST_NAME` | No       | `Netflix` | MikroTik address-list name to add entries to.        |
+
+> The script sets a fixed `timeout=24:00:00` for each address-list entry.  
+> Modify the script if you prefer permanent entries.
+
+## How It Works
+
+1. The script loads configuration from environment variables.
+2. For each ASN, it queries:
+   ```
+   https://api.bgpview.io/asn/<ASN>/prefixes
+   ```
+3. It collects all IPv4/IPv6 prefixes and removes duplicates.
+4. Connects to the MikroTik API using [`librouteros`](https://pypi.org/project/librouteros/).
+5. For each prefix:
+   - Skips it if it already exists in the address-list.
+   - Otherwise adds it with:
+     - `timeout=24:00:00`
+     - `comment="Added from ASN"`
+
+## Logging & Exit Codes
+
+| Type            | Description                                                |
+|-----------------|------------------------------------------------------------|
+| **INFO**        | Normal progress messages (connection, added subnets, etc). |
+| **DEBUG**       | Skipped subnets that already exist.                        |
+| **ERROR/FATAL** | Connection or API failure.                                 |
+
+| Exit Code  | Meaning                                                      |
+|------------|--------------------------------------------------------------|
+| `0`        | Success                                                      |
+| `1`        | Fatal error (missing vars, API failure, or connection error) |
+
+## Security Notes
+
+- Never commit credentials or `.env` files to Git.
+- Use dedicated API accounts on MikroTik with minimal permissions.
+- Run the container within a trusted network or over a secure VPN.
+- Use `Docker secrets` for sensitive information in production.
+
+## License
+
+This project is provided under the [MIT License](LICENSE) — free for personal and commercial use.