@AndrewJDR
AndrewJDR / cfipt.sh
Last active Feb 24, 2021
Cloudflare whitelist iptables update cron script
#!/bin/bash
# Based on a template iptables config file, create a new
# iptables file that includes whitelist rules for CloudFlare's
# servers to connect to our HTTP and HTTPS ports. This is useful
# if you want to really lock down your web server so that it only
# communicates with CloudFlare's servers, not with the general public.
# It works like this:
# * Get an up-to-date list of CloudFlare's server IPs
# * Read in config template from /etc/sysconfig/iptables.template
# * Output an iptables configuration file /etc/sysconfig/iptables
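
The template-to-ruleset step described in the header comments, as an added example that is not the gist's own code: it validates every fetched entry before it becomes a firewall rule and prints nothing if the list is empty or malformed. The function names, the `# CLOUDFLARE_RULES` marker line, the IPv4-only scope and the sample ranges are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not the gist's code. Assumed: the function names, the
# "# CLOUDFLARE_RULES" marker line in the template, and the INPUT-chain rules.

# Accept only a bare IPv4 CIDR: four octets 0-255 and a prefix length 0-32.
is_ipv4_cidr() {
    printf '%s\n' "$1" | awk -F'[./]' '
        !/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\/[0-9]+$/ { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i > 255) exit 1
          if ($5 > 32) exit 1 }'
}

# render_cf_rules TEMPLATE IPLIST: print TEMPLATE with the marker line replaced
# by one ACCEPT rule per CIDR. Nothing is printed unless every check passes:
# 2 = malformed entry, 3 = marker missing, 4 = empty list.
render_cf_rules() {
    template=$1; iplist=$2; rules=''
    grep -qxF '# CLOUDFLARE_RULES' "$template" || return 3
    while IFS= read -r cidr || [ -n "$cidr" ]; do
        [ -z "$cidr" ] && continue
        is_ipv4_cidr "$cidr" || return 2
        rules="${rules}-A INPUT -s ${cidr} -p tcp -m multiport --dports 80,443 -j ACCEPT
"
    done < "$iplist"
    [ -n "$rules" ] || return 4
    while IFS= read -r line || [ -n "$line" ]; do
        if [ "$line" = '# CLOUDFLARE_RULES' ]; then
            printf '%s' "$rules"
        else
            printf '%s\n' "$line"
        fi
    done < "$template"
}

# Constructed sample input: documentation ranges, not Cloudflare's real list.
demo() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' '*filter' ':INPUT DROP [0:0]' '-A INPUT -i lo -j ACCEPT' \
        '# CLOUDFLARE_RULES' 'COMMIT' > "$dir/iptables.template"
    printf '%s\n' '192.0.2.0/24' '198.51.100.0/24' > "$dir/ips-v4"
    render_cf_rules "$dir/iptables.template" "$dir/ips-v4"; status=$?
    rm -rf "$dir"
    return "$status"
}
demo
```

In a cron job, render to a temporary file and move it over `/etc/sysconfig/iptables` only when the function returns 0, so a failed or tampered download never replaces a working ruleset.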