Skip to content

Instantly share code, notes, and snippets.

@lifetyper lifetyper/netflix_aws_ipset_create.py
Created Dec 7, 2018

Embed
What would you like to do?
Learn more about clone URLs
Download ZIP
build a bash script to gather ip range for netflix and aws and route them through redsocks port 12345
Raw
netflix_aws_ipset_create.py
import requests
import json
netflix_url = 'https://api.bgpview.io/asn/2906/prefixes'
aws_url = 'https://ip-ranges.amazonaws.com/ip-ranges.json'
netflix_data = json.loads(requests.get(netflix_url).content)
aws_data = json.loads(requests.get(aws_url).content)
with open('ipset.sh', 'w') as dst:
dst.write('ipset create aws hash:net -!\n')
dst.write('ipset create netflix hash:net -!\n')
for ip_range in netflix_data['data']['ipv4_prefixes']:
dst.write('ipset add netflix {} -!\n'.format(ip_range['prefix']))
for item in aws_data['prefixes']:
dst.write('ipset add netflix {} -!\n'.format(item['ip_prefix']))
dst.write(
'iptables -t nat -A PREROUTING -p tcp --dport 443 -m set --match-set aws dst -j REDIRECT --to-ports 12345\n')
dst.write(
'iptables -t nat -A PREROUTING -p tcp --dport 443 -m set --match-set netflix dst -j REDIRECT --to-ports 12345\n')
dst.write('iptables -t nat -A OUTPUT -p tcp --dport 443 -m set --match-set aws dst -j REDIRECT --to-ports 12345\n')
dst.write(
'iptables -t nat -A OUTPUT -p tcp --dport 443 -m set --match-set netflix dst -j REDIRECT --to-ports 12345\n')
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.