Last active
June 13, 2017 09:14
-
-
Save Dmitriusan/eeff54351ab7bae8d35da8c1f500b5dc to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import json | |
import urllib2 | |
import re | |
""" | |
This script prints up-to-date list of blocked subnets in Ukraine. This output may be used | |
in a shell script on router to selectively route all traffic to blocked resources through | |
your VPN. | |
GATEWAY="10.0.1.1" | |
for route in `python censored_subnets.py`; do | |
ip route replace ${route} via ${GATEWAY} 1>/dev/null 2>&1 | |
done | |
Gist: https://gist.github.com/Dmitriusan/eeff54351ab7bae8d35da8c1f500b5dc | |
""" | |
def curl(url): | |
return urllib2.urlopen(url).read() | |
regex = re.compile(r'^[\d./]+$', flags=re.MULTILINE) | |
def validate(subnet): | |
""" | |
Checks that subnet declaration consists only of digits, dots and slashes in order to avoid shell injection | |
that is theoretically possible if UaBlacklist.net site is compromised | |
""" | |
return regex.match(subnet) is not None | |
def get_nets(): | |
request = "https://uablacklist.net/subnets.json" | |
responce = curl(request) | |
return [subnet for subnet in json.loads(responce) if validate(subnet)] | |
if __name__ == "__main__": | |
nets = get_nets() | |
for net in nets: | |
print net |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment