Created
October 10, 2021 18:12
-
-
Save a3r0id/33556742027aae4bfba6a0a61887b654 to your computer and use it in GitHub Desktop.
Generates a whitelist for all CloudFlare IPs by specific ports. Prints to stdout, usage: cf_allow.py > firewall_whitelist.txt. Change ports directly in the respective list, $ports.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from requests import get | |
| url = "https://www.cloudflare.com/" | |
| with get(url + "ips-v4") as r: | |
| ipv4s = r.text.splitlines() | |
| with get(url + "ips-v6") as r: | |
| ipv6s = r.text.splitlines() | |
| firewall_rule = "tcp|in|d={PORT}|s={SRC}" | |
| ports = [ | |
| 80, | |
| 443, | |
| 2096, | |
| 8443 | |
| ] | |
| # Each port | |
| for port in ports: | |
| # Each proto | |
| for ipv4 in ipv4s: | |
| print(firewall_rule.replace("{PORT}", str(port)).replace("{SRC}", ipv4)) | |
| for ipv6 in ipv6s: | |
| print(firewall_rule.replace("{PORT}", str(port)).replace("{SRC}", ipv6)) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment