walkure/cf_ipset.pl

## cf_ipset.pl
#!/usr/bin/env perl

use strict;
use warnings;

use HTTP::Tiny;

my $prefix = 'cloudflare-origin';

updatelist('v4');
updatelist('v6');

sub updatelist
{
        my $type = shift;
        my $family = $type eq 'v6' ? 'inet6' : 'inet';

        my @addrs = fetch($type);
        return unless @addrs;

        my $set = "$prefix-$type";
        my $newset = "$set-tmp";

        `ipset create $newset hash:net family $family`;

        foreach my $addr(@addrs){
                `ipset add $newset $addr`;
        }

        `ipset swap -q $set $newset`;

        `ipset rename $newset $set` if $?;

        `ipset destroy -q $newset`;
}

sub fetch
{
        my $type = shift;

        my $client = HTTP::Tiny->new();
        my $res = $client->get("https://www.cloudflare.com/ips-$type");

        if(!$res->{success}){
                print "failure to fecth $type:$res->{reason}\n";
                return;
        }
        split(/\n/,$res->{content});
}
	#!/usr/bin/env perl

	use strict;
	use warnings;

	use HTTP::Tiny;

	my $prefix = 'cloudflare-origin';

	updatelist('v4');
	updatelist('v6');

	sub updatelist
	{
	my $type = shift;
	my $family = $type eq 'v6' ? 'inet6' : 'inet';

	my @addrs = fetch($type);
	return unless @addrs;

	my $set = "$prefix-$type";
	my $newset = "$set-tmp";

	`ipset create $newset hash:net family $family`;

	foreach my $addr(@addrs){
	`ipset add $newset $addr`;
	}

	`ipset swap -q $set $newset`;

	`ipset rename $newset $set` if $?;

	`ipset destroy -q $newset`;
	}

	sub fetch
	{
	my $type = shift;

	my $client = HTTP::Tiny->new();
	my $res = $client->get("https://www.cloudflare.com/ips-$type");

	if(!$res->{success}){
	print "failure to fecth $type:$res->{reason}\n";
	return;
	}
	split(/\n/,$res->{content});
	}