I have search and found old threads that haven't been active since 2017. I'm hoping to use my CCR1009 to block inbound ASN's to my server. Currently I'm using Cloudflare to do this but when people are downloading and Cloudflare is on, there seams to be a 20MBs download rate from the server. With cloudflare off there is a 95MBs. So I have a list of ASNs belonging to VPN, VPS, cloud hosting that I block from the sites. It has dramatically reduced the number of bruteforce attempts into the server.
So I've tried everything I've found but when testing using my mobile carrier ASN, I can still connect when Cloudflare is off which tells me those ways aren't working. Does anyone please have a working method to block ASNs from accessing through the firewall? Whether it's a firewall rule and list or routing with a list.