Repository files navigation

IP address ranges from Cloud Providers and from othere sources

• AMAZON-AWS -https://ip-ranges.amazonaws.com/ip-ranges.json
• GITHUB -https://api.github.com/meta
• GOOGLE-GCS -https://www.gstatic.com/ipranges/cloud.json
• MICROSOFT-AZURE -https://www.microsoft.com/en-us/download/details.aspx?id=56519
• Microsoft O365 -https://endpoints.office.com/endpoints/worldwide?clientrequestid=b10c5ed1-bad1-445f-b386-b919946339a7
• ORACLE-OCI -https://docs.cloud.oracle.com/en-us/iaas/tools/public_ip_ranges.json
• MAXMIND_GeoIP -https://www.maxmind.com/

1. you will need to have python + pip
   

   debian# apt-get install python3-pipcentos# yum install -y pip

2. install needed exttra lib:
   

   linux# pip install -r requirements.txt

3. clone repo ie. to: /opt/cloud-iprange-feeder/
   

   linux# mkdir /opt/linux# git clone https://github.com/nchekwa/cloud-iprange-feeder

4. run feeder inside folder
   

   linux# python3 feeder_AMAZON_AWS.py

   Example console output:

   root@debian:/opt/cloud-iprange-feeder# python feeder_AMAZON-AWS.py-----------------------------------------------------------------Process: feeder_AMAZON-AWS.py at 2021-01-22 14:11:57.906558Result:- downloadin 0.206455945969 second- processingin 0.590703964233 secondTOTAL: 0.797159910202 second

Feeder going to download IP Prefix list, parse it and generate in 'files' folder parsed files:

• text files split by region/service/ALL (files contains IP ranges)
• tgz which will contain all those text file in one compress file (for juniper SRX feed-server)
• create info file - with time generation (when feeder was run)

ie:files/AMAZON-AWS├── ALL├── ALL_ipv4├── ALL_ipv6├── rgn_af-south-1├── rgn_ap-east-1├── rgn_ap-northeast-1...├── svc_AMAZON├── svc_S3└── svc_WORKSPACES_GATEWAYSfiles/AMAZON-AWS.tgzfiles/AMAZON-AWS.txt

SRX#

[edit security dynamic-address]set security dynamic-address feed-server MyAmazonFeed url http://<server>/cloud-iprange-feeder/files/AMAZON-AWS.tgzset security dynamic-address feed-server MyAmazonFeed update-interval 30set security dynamic-address feed-server MyAmazonFeed hold-interval 3600set security dynamic-address feed-server MyAmazonFeed feed-name AWS_ALL path AMAZON-AWS/ALLset security dynamic-address address-name AWS_ALL_IPs profile feed-name AWS_ALL

> show configuration security dynamic-address feed-server MyAmazonFeed {    url http://<server>/cloud-iprange-feeder/files/AMAZON-AWS.tgz;    update-interval 30;    hold-interval 3600;    feed-name AWS_ALL {        path AMAZON-AWS/ALL;    }}address-name AWS_ALL_IPs {    profile {        feed-name AWS_ALL;    }}

root@vSRX> show security dynamic-address summary address-name AWS_ALL_IPs

Juniper SRX output command example in doc\ folder

• "Alibaba Cloud" - list not available (if you know where to find - pls let me know)
• Cloudflare -https://www.cloudflare.com/ips-v4 |https://www.cloudflare.com/ips-v6
• Facebook -https://developers.facebook.com/docs/sharing/webmasters/crawler
• Atlantis -https://ip-ranges.atlassian.com/
• zscaler -https://config.zscaler.com/zscaler.net/cenr
• okta -https://s3.amazonaws.com/okta-ip-ranges/ip_ranges.json
• paypal -https://www.paypal.com/us/smarthelp/article/what-are-the-ip-addresses-for-live-paypal-servers-ts1056
• zoom -https://support.zoom.us/hc/en-us/articles/201362683-Network-firewall-or-proxy-server-settings-for-Zoom

• Block Lis -http://lists.blocklist.de/lists/all.txt
• DShield -https://www.dshield.org/block.txt
• Threatfox IP -https://threatfox.abuse.ch/export/csv/ip-port/recent/
• Tor -https://check.torproject.org/exit-addresses
• Feodo Tracker -https://feodotracker.abuse.ch/downloads/ipblocklist_recommended.txt

• http://iplists.firehol.org/
• https://github.com/firehol/blocklist-ipsets

• https://github.com/sapics/ip-location-db#readme
• https://ipinfo.io/
• ASN -https://bgp.potaroo.net/cidr/autnums.html