Created
October 7, 2019 17:44
-
-
Save kang000feng/6daaa3c2c14b4952d5159e3a0aa6028c to your computer and use it in GitHub Desktop.
build a bash script to gather ip range for netflix and aws and route them through redsocks port 12345
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import json | |
| netflix_url = 'https://api.bgpview.io/asn/2906/prefixes' | |
| aws_url = 'https://ip-ranges.amazonaws.com/ip-ranges.json' | |
| netflix_data = json.loads(requests.get(netflix_url).content) | |
| aws_data = json.loads(requests.get(aws_url).content) | |
| with open('ipset.sh', 'w') as dst: | |
| dst.write('ipset create aws hash:net -!\n') | |
| dst.write('ipset create netflix hash:net -!\n') | |
| for ip_range in netflix_data['data']['ipv4_prefixes']: | |
| dst.write('ipset add netflix {} -!\n'.format(ip_range['prefix'])) | |
| for item in aws_data['prefixes']: | |
| dst.write('ipset add netflix {} -!\n'.format(item['ip_prefix'])) | |
| dst.write( | |
| 'iptables -t nat -A PREROUTING -p tcp --dport 443 -m set --match-set aws dst -j REDIRECT --to-ports 12345\n') | |
| dst.write( | |
| 'iptables -t nat -A PREROUTING -p tcp --dport 443 -m set --match-set netflix dst -j REDIRECT --to-ports 12345\n') | |
| dst.write('iptables -t nat -A OUTPUT -p tcp --dport 443 -m set --match-set aws dst -j REDIRECT --to-ports 12345\n') | |
| dst.write( | |
| 'iptables -t nat -A OUTPUT -p tcp --dport 443 -m set --match-set netflix dst -j REDIRECT --to-ports 12345\n') |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment