stevejenkins/gwhitelist_pss.sh

## gwhitelist_pss.sh
#! /bin/sh
#
# Based on Mike Miller's gwhitelist at:
# http://archive.mgm51.com/sources/gwhitelist.html
# Copyright (c) 2013 Mike Miller <mmiller@mgm51.com>
#
# Modified 2014 by Steve Jenkins <steve@stevejenkins.com> to format
# output for mod_remoteip on Apache with Google PageSpeed Service
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice(s) and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
#

# a quick script to output the current list of Google's IP ranges in their
# netblock for use with the RemoteIPInternalProxy directive in Apache's
# httpd.conf file while using Google PageSpeed Service
#
# a list of CIDR-formatted addresses is printed to stdout. It is up to you
# to include this output into your RemoteIPInternalProxy line in httpd.conf
#
# this page was used as a guide:
# http://support.google.com/a/bin/answer.py?hl=en&hlrm=de&answer=60764

#
#  version history
#  20130519 1.0 mm - initial release of gwhitelist (by Mike Miller)
#  20130520 1.1 mm - added set -e error check (by Mike Miller)
#
#  20140624 1.0 sj - initial release of gwhitelist_pss (by Steve Jenkins)

# From Steve Jenkins:
# Mad props to Mike Miller for this script. The only change I made was to
# comment out one line that formatted the output for Postfix, then include
# a new sed line to format the output for inclusion as the
# RemoteIpInternalProxy values in httpd.conf while using Google PageSpeed
# Service on an Apache origin server with mod_remoteip.

# make sure the mktemp command syntax is appropriate for your OS.
#  this works on FreeBSD 9.1 and Debian GNU/Linux 6.0.6
tmpBase=`basename $0`
tmpNetBlocks=`mktemp -q /tmp/${tmpBase}.XXXXXX`
        if [ $? -ne 0 ]; then
                echo "$0: Can't create temp file, exiting..."
                exit 1
        fi

# abort on any error
set -e

# obtain and format the netblocks for subsequent look-ups
spfString=`dig @8.8.8.8 _spf.google.com txt | grep ^_spf | cut  -f5`

printf "%s\n" ${spfString} | grep "^include" | cut -c9-  | \
    sed s/^/' @8.8.8.8 '/ | sed s/$/' txt'/ > ${tmpNetBlocks}

# get the IP addresses from the netblocks
nbString=`dig -f ${tmpNetBlocks} | grep ^_netblock | cut -f5`

printf "%s\n" ${nbString} | grep "^ip" | cut -c5- | \
#   sed s/$/'   permit'/

# The following line is the only new one added by SJ
sed ':a;N;$!ba;s/\n/ /g'

# clean up
test -e ${tmpNetBlocks} && rm ${tmpNetBlocks}
	#! /bin/sh
	#
	# Based on Mike Miller's gwhitelist at:
	# http://archive.mgm51.com/sources/gwhitelist.html
	# Copyright (c) 2013 Mike Miller <mmiller@mgm51.com>
	#
	# Modified 2014 by Steve Jenkins <steve@stevejenkins.com> to format
	# output for mod_remoteip on Apache with Google PageSpeed Service
	#
	# Permission to use, copy, modify, and distribute this software for any
	# purpose with or without fee is hereby granted, provided that the above
	# copyright notice(s) and this permission notice appear in all copies.
	#
	# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
	# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
	# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
	# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
	# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
	# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
	# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
	#

	# a quick script to output the current list of Google's IP ranges in their
	# netblock for use with the RemoteIPInternalProxy directive in Apache's
	# httpd.conf file while using Google PageSpeed Service
	#
	# a list of CIDR-formatted addresses is printed to stdout. It is up to you
	# to include this output into your RemoteIPInternalProxy line in httpd.conf
	#
	# this page was used as a guide:
	# http://support.google.com/a/bin/answer.py?hl=en&hlrm=de&answer=60764

	#
	# version history
	# 20130519 1.0 mm - initial release of gwhitelist (by Mike Miller)
	# 20130520 1.1 mm - added set -e error check (by Mike Miller)
	#
	# 20140624 1.0 sj - initial release of gwhitelist_pss (by Steve Jenkins)

	# From Steve Jenkins:
	# Mad props to Mike Miller for this script. The only change I made was to
	# comment out one line that formatted the output for Postfix, then include
	# a new sed line to format the output for inclusion as the
	# RemoteIpInternalProxy values in httpd.conf while using Google PageSpeed
	# Service on an Apache origin server with mod_remoteip.

	# make sure the mktemp command syntax is appropriate for your OS.
	# this works on FreeBSD 9.1 and Debian GNU/Linux 6.0.6
	tmpBase=`basename $0`
	tmpNetBlocks=`mktemp -q /tmp/${tmpBase}.XXXXXX`
	if [ $? -ne 0 ]; then
	echo "$0: Can't create temp file, exiting..."
	exit 1
	fi

	# abort on any error
	set -e

	# obtain and format the netblocks for subsequent look-ups
	spfString=`dig @8.8.8.8 _spf.google.com txt \| grep ^_spf \| cut -f5`

	printf "%s\n" ${spfString} \| grep "^include" \| cut -c9- \| \
	sed s/^/' @8.8.8.8 '/ \| sed s/$/' txt'/ > ${tmpNetBlocks}

	# get the IP addresses from the netblocks
	nbString=`dig -f ${tmpNetBlocks} \| grep ^_netblock \| cut -f5`

	printf "%s\n" ${nbString} \| grep "^ip" \| cut -c5- \| \
	# sed s/$/' permit'/

	# The following line is the only new one added by SJ
	sed ':a;N;$!ba;s/\n/ /g'

	# clean up
	test -e ${tmpNetBlocks} && rm ${tmpNetBlocks}