zarv1k/fGoogleIpRange.script

## fGoogleIpRange.script
:global fGoogleIpRange
if (!any $fGoogleIpRange) do={ :global fGoogleIpRange do={
  :local addressList $1
  :local ipRangeUrl $2
  :local exceptionsJsonUrl $3

# load JSON parser - https://github.com/Winand/mikrotik-json-parser
/system script run JParseFunctions

# read file into JSONIn
:global JSONIn ([/tool fetch url=$ipRangeUrl as-value output=user]->"data");

# ensure sync token file exist
:local syncTokenValue
:local syncTokenFile ($addressList . ".sync-token")
:local syncTokenFileName ($syncTokenFile . ".txt")

if ([:len [/file find name=$syncTokenFileName]] = 0) do={
  :execute script=":put 0" file=$syncTokenFile;
  :set syncTokenValue ""
} else={
  :set syncTokenValue [/file get $syncTokenFileName contents]
}

# ensure JSON parser globals
:global JSONUnload
:global fJParse;
:global fJParsePrint;
:global JSONLoad
:global JSONLoads

# read JSON
:global JParseOut [$fJParse];

# print
#$fJParsePrint

:if ($syncTokenValue != $JParseOut->"syncToken") do={
  # iterate over prefixes if prefixes is not empty
  :if ([:len ($JParseOut->"prefixes")] > 0) do={
    # save syncToken to file
    :set syncTokenValue ($JParseOut->"syncToken")
    /file set $syncTokenFileName contents=$syncTokenValue
    # delete entire address-list
    /ip firewall address-list remove [/ip firewall address-list find list=$addressList]
    :foreach prefix in=($JParseOut->"prefixes") do={
      :if ([:typeof ($prefix->"ipv4Prefix")]  = "str") do={
        /ip firewall address-list add list=$addressList address=($prefix->"ipv4Prefix")
      }
    }
  }
} else={
  :put "ip-range list is already synced"
}

# read exceptions from URL (when 3rd parameter is set) or from local file and disable each exception address-list
:local exceptionsJson
:local exceptionsFileName ($addressList . ".exceptions.json")
if ([:len ($exceptionsJsonUrl)] > 0) do={
  :put "Using exceptions URL"
  :set exceptionsJson [$JSONLoads ([/tool fetch url=$exceptionsJsonUrl as-value output=user]->"data")]
}
if ([:len $exceptionsJson] = 0) do={
  :put "Using exceptions file"
  :set exceptionsJson [$JSONLoad $exceptionsFileName]
}
if ([:len $exceptionsJson] > 0) do={
  :foreach k,v in=$exceptionsJson do={
    /ip firewall address-list disable [find where list=$addressList address=$k]
  }
} else={
  :put "Skip list exceptions"
}


# cleanup
:set JSONIn
:set JParseOut

# unload JSON library
$JSONUnload

}}

## google-cloud.script
/system script run fGoogleIpRange
:global fGoogleIpRange

$fGoogleIpRange "google-cloud" "https://www.gstatic.com/ipranges/cloud.json"
set $fGoogleIpRange

## google.exceptions.json
{
  "64.233.160.0/19": "youtube",
  "74.125.0.0/16": "youtube",
  "172.217.0.0/16": "youtube",
  "173.194.0.0/16": "youtube",
  "209.85.128.0/17": "youtube"
}

## google.script
/system script run fGoogleIpRange
:global fGoogleIpRange

$fGoogleIpRange "google" "https://www.gstatic.com/ipranges/goog.json" "https://gist.githubusercontent.com/zarv1k/e1b37a1a5a2c10936fb532302416bed1/raw/9a17fb866208332224dc6f736ed15b819c0bd857/google.exceptions.json"
set $fGoogleIpRange
	:global fGoogleIpRange
	if (!any $fGoogleIpRange) do={ :global fGoogleIpRange do={
	:local addressList $1
	:local ipRangeUrl $2
	:local exceptionsJsonUrl $3

	# load JSON parser - https://github.com/Winand/mikrotik-json-parser
	/system script run JParseFunctions

	# read file into JSONIn
	:global JSONIn ([/tool fetch url=$ipRangeUrl as-value output=user]->"data");

	# ensure sync token file exist
	:local syncTokenValue
	:local syncTokenFile ($addressList . ".sync-token")
	:local syncTokenFileName ($syncTokenFile . ".txt")

	if ([:len [/file find name=$syncTokenFileName]] = 0) do={
	:execute script=":put 0" file=$syncTokenFile;
	:set syncTokenValue ""
	} else={
	:set syncTokenValue [/file get $syncTokenFileName contents]
	}

	# ensure JSON parser globals
	:global JSONUnload
	:global fJParse;
	:global fJParsePrint;
	:global JSONLoad
	:global JSONLoads

	# read JSON
	:global JParseOut [$fJParse];

	# print
	#$fJParsePrint

	:if ($syncTokenValue != $JParseOut->"syncToken") do={
	# iterate over prefixes if prefixes is not empty
	:if ([:len ($JParseOut->"prefixes")] > 0) do={
	# save syncToken to file
	:set syncTokenValue ($JParseOut->"syncToken")
	/file set $syncTokenFileName contents=$syncTokenValue
	# delete entire address-list
	/ip firewall address-list remove [/ip firewall address-list find list=$addressList]
	:foreach prefix in=($JParseOut->"prefixes") do={
	:if ([:typeof ($prefix->"ipv4Prefix")] = "str") do={
	/ip firewall address-list add list=$addressList address=($prefix->"ipv4Prefix")
	}
	}
	}
	} else={
	:put "ip-range list is already synced"
	}

	# read exceptions from URL (when 3rd parameter is set) or from local file and disable each exception address-list
	:local exceptionsJson
	:local exceptionsFileName ($addressList . ".exceptions.json")
	if ([:len ($exceptionsJsonUrl)] > 0) do={
	:put "Using exceptions URL"
	:set exceptionsJson [$JSONLoads ([/tool fetch url=$exceptionsJsonUrl as-value output=user]->"data")]
	}
	if ([:len $exceptionsJson] = 0) do={
	:put "Using exceptions file"
	:set exceptionsJson [$JSONLoad $exceptionsFileName]
	}
	if ([:len $exceptionsJson] > 0) do={
	:foreach k,v in=$exceptionsJson do={
	/ip firewall address-list disable [find where list=$addressList address=$k]
	}
	} else={
	:put "Skip list exceptions"
	}


	# cleanup
	:set JSONIn
	:set JParseOut

	# unload JSON library
	$JSONUnload

	}}
	/system script run fGoogleIpRange
	:global fGoogleIpRange

	$fGoogleIpRange "google-cloud" "https://www.gstatic.com/ipranges/cloud.json"
	set $fGoogleIpRange
	{
	"64.233.160.0/19": "youtube",
	"74.125.0.0/16": "youtube",
	"172.217.0.0/16": "youtube",
	"173.194.0.0/16": "youtube",
	"209.85.128.0/17": "youtube"
	}
	/system script run fGoogleIpRange
	:global fGoogleIpRange

	$fGoogleIpRange "google" "https://www.gstatic.com/ipranges/goog.json" "https://gist.githubusercontent.com/zarv1k/e1b37a1a5a2c10936fb532302416bed1/raw/9a17fb866208332224dc6f736ed15b819c0bd857/google.exceptions.json"
	set $fGoogleIpRange