~sircmpwn/abused-devel

abused: rules: add Google Cloud IP addresses v1 APPLIED

Moritz Poldrack: 1
 rules: add Google Cloud IP addresses

 1 files changed, 40 insertions(+), 5 deletions(-)
Export patchset (mbox)
How do I use this?

Copy & paste the following snippet into your terminal to import this patchset into git:

curl -s https://lists.sr.ht/~sircmpwn/abused-devel/patches/49628/mbox | git am -3
Learn more about email & git

[PATCH abused] rules: add Google Cloud IP addresses Export this patch

From: Moritz Poldrack <git@moritz.sh>

Google not only provides IPs to internet users, it also provides
customers with IP access through their Google Cloud Products. This adds
the IPs for the latter to be part of the blocklist.

Link: https://support.google.com/a/answer/10026322?hl=en
Signed-off-by: Moritz Poldrack <git@moritz.sh>
---

This adds 500+ additional IP ranges to the blocklist.

 rules/commercial-isp.go | 47 +++++++++++++++++++++++++++++++++++------
 1 file changed, 41 insertions(+), 6 deletions(-)

diff --git a/rules/commercial-isp.go b/rules/commercial-isp.go
index b4a141a..8a1e347 100644
--- a/rules/commercial-isp.go
+++ b/rules/commercial-isp.go
@@ -20,9 +20,10 @@ import (

// These providers offer dumps of their prefixes
const (
	AWS_URL   string = "https://ip-ranges.amazonaws.com/ip-ranges.json"
	GCP_URL   string = "https://www.gstatic.com/ipranges/goog.json"
	VULTR_URL string = "https://geofeed.constant.com/?json"
	AWS_URL    string = "https://ip-ranges.amazonaws.com/ip-ranges.json"
	GOOGLE_URL string = "https://www.gstatic.com/ipranges/goog.json"
	GCP_URL    string = "https://www.gstatic.com/ipranges/cloud.json"
	VULTR_URL  string = "https://geofeed.constant.com/?json"
)

type AWSPayload struct {
@@ -149,7 +150,7 @@ func (rule *CommercialISPRule) UpdateAWS(ctx context.Context) error {
func (rule *CommercialISPRule) UpdateGCP(ctx context.Context) error {
	rule.log.Println("Updating list of GCP networks")

	resp, err := http.Get(GCP_URL)
	resp, err := http.Get(GOOGLE_URL)
	if err != nil {
		return err
	}
@@ -181,7 +182,41 @@ func (rule *CommercialISPRule) UpdateGCP(ctx context.Context) error {
			rule.trie.Insert(cidranger.NewBasicRangerEntry(*subnet))
		}
	}
	rule.log.Printf("Found %d GCP subnets", len(dump.Prefixes))
	rule.log.Printf("Found %d Google subnets", len(dump.Prefixes))
	googleHits := len(dump.Prefixes)

	resp, err = http.Get(GCP_URL)
	if err != nil {
		return err
	}
	defer resp.Body.Close()
	body, err = io.ReadAll(resp.Body)
	if err != nil {
		return err
	}

	err = json.Unmarshal(body, &dump)
	if err != nil {
		return err
	}

	for _, prefix := range dump.Prefixes {
		if prefix.IPv4Prefix != nil {
			_, subnet, err := net.ParseCIDR(*prefix.IPv4Prefix)
			if err != nil {
				return err
			}
			rule.trie.Insert(cidranger.NewBasicRangerEntry(*subnet))
		}
		if prefix.IPv6Prefix != nil {
			_, subnet, err := net.ParseCIDR(*prefix.IPv6Prefix)
			if err != nil {
				return err
			}
			rule.trie.Insert(cidranger.NewBasicRangerEntry(*subnet))
		}
	}
	rule.log.Printf("Found %d GCP subnets", len(dump.Prefixes)-googleHits)

	task := work.NewTask(rule.UpdateGCP).
		NotBefore(time.Now().Add(48 * time.Hour))
-- 
2.43.2
Thanks!

To git@git.sr.ht:~sircmpwn/abused
   0907ebd..3d47779  master -> master