[arch-general] HTTP spam from China - CIDR compacting tool
Genes Lists
lists at sapience.com
Tue Feb 26 18:11:04 UTC 2019
Just an FYI if you pull cidr blocks by country, either doing it
yourself directly from arin et al or by using someone elses list like
ipdeny.com the CIDR blocks are not necessarily compacted.
i.e. it is often not the most minimal CIDR representation. I use is
this little python script, which works on list of CIDR blocks of IPV4 or
IPV6, to compact the list of cidr blocks. I feed the output compacted
CIDR blocks to the firewall ipset script.
In case anyone finds this useful here is my CidrMerge.py :
UseageL
----- cut here -----
#!/usr/bin/python
#
# Read from stdin a list of cidr blocks and compacts them if possible
# Resulting compacted CIDR blocks are written to stdout.
# Works on any file with IPV4 or IPV6 cidr blocks.
#
# Usage : CidrMerge.py < file
#
# Gene C.
#
# 20180503
#
import sys
import netaddr
def main():
num_args = len(sys.argv)
#
# Open file - read one line at a time and output
#
lines=sys.stdin.readlines()
if len(lines) == 1:
lines = lines[0].split()
#
# create merged set of entire input lines
#
set1 = netaddr.IPSet(lines)
#
# Write them out
#
for cidr in set1.iter_cidrs() :
print (cidr)
return
# -----------------------------------------------------
if __name__ == '__main__':
main()
#
# -------------------- All Done ------------------------
More information about the arch-general
mailing list