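# Download the current Microsoft 365 endpoint set (worldwide instance).
# A fresh GUID is sent as clientrequestid on every run, as the web service's
# common parameters call for.
$guid = New-Guid

# -ErrorAction Stop: a failed download must abort the run. Without it the script
# carries on with $webdata empty and writes an exception file with no entries,
# which looks like a valid (but empty) list to whoever imports it.
$webdata = Invoke-RestMethod -Uri "https://endpoints.office.com/endpoints/worldwide?clientrequestid=$guid" -ErrorAction Stop
if (-not $webdata) {
    throw "No endpoint data returned from endpoints.office.com; not generating an exception list."
}

<# webdata example
id                     : 65
serviceArea            : Common
serviceAreaDisplayName : Microsoft 365 Common and Office Online
urls                   : {account.office.net}
ips                    : {52.108.0.0/14, 2603:1006:1400::/40, 2603:1016:2400::/40, 2603:1026:2400::/40...}
tcpPorts               : 80,443
expressRoute           : True
category               : Allow
required               : True
#>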
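# Build one exception record per published IPv4 range.
# Only endpoint entries that actually carry an "ips" list are considered.
$urlsWithIPs = $webdata | Where-Object ips -ne $null

# Dotted-quad IPv4 address followed by a prefix length of /1 through /32.
# The earlier pattern tested the prefix length only and used 3[01], so it
# dropped every /32 and would have accepted an IPv6 range whose prefix length
# happened to be 31 or shorter. Anchoring on the address form makes this a real
# IPv4 filter.
$ipv4Cidr = '^(\d{1,3}\.){3}\d{1,3}/([1-9]|[12][0-9]|3[0-2])$'

$data = foreach ($entry in $urlsWithIPs) {
    foreach ($ip in $entry.ips) {
        if ($ip -match $ipv4Cidr) {
            $props = [ordered]@{
                "address"     = $ip;
                "description" = "$($entry.servicearea) for geoblock";
                "reason"      = 2;  # NOTE(review): meaning of reason 2 is not shown here - confirm against the firewall's import format
                "type"        = 2   # 2 = network (1 would be a single host IP), per the author's WatchGuard note
            }
            # NOTE(review): /32 ranges are now emitted as type 2 (network);
            # confirm the import accepts a /32 network rather than requiring type 1.
            New-Object -TypeName PSObject -Property $props
        }
    }
}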
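# Build one exception record per published URL / hostname.
# Only endpoint entries that actually carry a "urls" list are considered.
$urls = $webdata | Where-Object urls -ne $null

$moreData = foreach ($url in $urls) {
    foreach ($URI in $url.urls) {
        $props = [ordered]@{
            "address"     = $URI;
            # Use the service area of the entry being processed. The previous
            # code read $entry, a leftover from the IP loop, so every URL was
            # labelled with the service area of the last IP entry.
            "description" = "$($url.servicearea) for geoblock";
            "reason"      = 2;  # NOTE(review): meaning of reason 2 is not shown here - confirm against the firewall's import format
            "type"        = 7   # presumably the FQDN/URL exception type - confirm
        }
        # NOTE(review): the service also publishes wildcard names (e.g. *.example
        # patterns); each one widens the geoblock bypass, so check whether the
        # import accepts them and whether they are wanted.
        New-Object -TypeName PSObject -Property $props
    }
}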
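# Merge IP and URL records into one list. @() forces both sides to arrays so the
# "+" is always array concatenation, even if one loop produced a single object
# or nothing at all.
$allData = @($data) + @($moreData)

# File name carries the run date (MMddyy) so successive exports can be compared.
$date = Get-Date -Format MMddyy

# Wrap the list in the "geoblock_exc_list" property so the JSON needs no manual
# editing before import. Every entry in this file is traffic that bypasses
# geoblocking, so diff it against the previous export before importing.
New-Object -TypeName PSObject -Property @{ "geoblock_exc_list" = $allData } |
    ConvertTo-Json |
    Out-File "C:\temp\$($date)_o365ips.txt"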
got the regex from https://regextutorial.org/regex-for-numbers-and-ranges.php
Updated "type" to 2: for WatchGuard exceptions, networks are type 2, whereas type 1 is a host IP.
Now it does URLs as well
Now it outputs the file with the geoblock_exc_list for the JSON so there's no manual manipulation
Now uses a new GUID for web requests per: https://docs.microsoft.com/en-us/microsoft-365/enterprise/microsoft-365-ip-web-service?view=o365-worldwide#common-parameters
Realizing now there is https://docs.microsoft.com/en-us/microsoft-365/enterprise/microsoft-365-ip-web-service?view=o365-worldwide#endpoints-web-method which indicates there is a NOIPV6=true parameter that could be used like:
$webdata = Invoke-RestMethod -Uri "https://endpoints.office.com/endpoints/worldwide?NOIPV6=true&clientrequestid=$guid"
Which would eliminate needing to filter for IPV4 afterwards
update to filter for only IPV4 - if ($ip -match "/([1-9]|[12][0-9]|3[01])\b")