Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Google PageSpeed Service RemoteIPInternalProxy generator for mod_remoteip
#! /bin/sh
#
# Based on Mike Miller's gwhitelist at:
# http://archive.mgm51.com/sources/gwhitelist.html
# Copyright (c) 2013 Mike Miller <mmiller@mgm51.com>
#
# Modified 2014 by Steve Jenkins <steve@stevejenkins.com> to format
# output for mod_remoteip on Apache with Google PageSpeed Service
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice(s) and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
#
# a quick script to output the current list of Google's IP ranges in their
# netblock for use with the RemoteIPInternalProxy directive in Apache's
# httpd.conf file while using Google PageSpeed Service
#
# a list of CIDR-formatted addresses is printed to stdout. It is up to you
# to include this output into your RemoteIPInternalProxy line in httpd.conf
#
# this page was used as a guide:
# http://support.google.com/a/bin/answer.py?hl=en&hlrm=de&answer=60764
#
# version history
# 20130519 1.0 mm - initial release of gwhitelist (by Mike Miller)
# 20130520 1.1 mm - added set -e error check (by Mike Miller)
#
# 20140624 1.0 sj - initial release of gwhitelist_pss (by Steve Jenkins)
# From Steve Jenkins:
# Mad props to Mike Miller for this script. The only change I made was to
# comment out one line that formatted the output for Postfix, then include
# a new sed line to format the output for inclusion as the
# RemoteIpInternalProxy values in httpd.conf while using Google PageSpeed
# Service on an Apache origin server with mod_remoteip.
# make sure the mktemp command syntax is appropriate for your OS.
# this works on FreeBSD 9.1 and Debian GNU/Linux 6.0.6
tmpBase=`basename $0`
tmpNetBlocks=`mktemp -q /tmp/${tmpBase}.XXXXXX`
if [ $? -ne 0 ]; then
echo "$0: Can't create temp file, exiting..."
exit 1
fi
# abort on any error
set -e
# obtain and format the netblocks for subsequent look-ups
spfString=`dig @8.8.8.8 _spf.google.com txt | grep ^_spf | cut -f5`
printf "%s\n" ${spfString} | grep "^include" | cut -c9- | \
sed s/^/' @8.8.8.8 '/ | sed s/$/' txt'/ > ${tmpNetBlocks}
# get the IP addresses from the netblocks
nbString=`dig -f ${tmpNetBlocks} | grep ^_netblock | cut -f5`
printf "%s\n" ${nbString} | grep "^ip" | cut -c5- | \
# sed s/$/' permit'/
# The following line is the only new one added by SJ
sed ':a;N;$!ba;s/\n/ /g'
# clean up
test -e ${tmpNetBlocks} && rm ${tmpNetBlocks}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment