Created
June 6, 2019 17:32
-
-
Save SpareSimian/d1c1be59676ebbb42b89b668fe76329a to your computer and use it in GitHub Desktop.
Dump AWS netblocks into zone files for use as ipsets
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # download the current Amazon AWS list of netblocks and dump it into | |
| # two files, one each for IPv4 and IPv6. The result can be imported | |
| # into firewalld ipsets using --add-entries-from-file | |
| import requests | |
| ipv4_filename = 'AmazonAWS_ipv4.zone' | |
| ipv6_filename = 'AmazonAWS_ipv6.zone' | |
| # See https://aws.amazon.com/blogs/aws/aws-ip-ranges-json/ | |
| # fetch the JSON | |
| r = requests.get('https://ip-ranges.amazonaws.com/ip-ranges.json') | |
| # parse it into a dict of dicts | |
| j = r.json() | |
| # dump into output files | |
| with open(ipv4_filename, "w") as ipv4_file: | |
| for p in j['prefixes']: | |
| ipv4_file.write(p['ip_prefix']) | |
| ipv4_file.write('\n') | |
| with open(ipv6_filename, "w") as ipv6_file: | |
| for p in j['ipv6_prefixes']: | |
| ipv6_file.write(p['ipv6_prefix']) | |
| ipv6_file.write('\n') |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment