Azure/Amazon IP Ranges

Firewalling
Log in to reply
  • K

    Good Day All

    Is there a way to add into "Firewall Aliases URLs" the range of IPs from an Azure xml file. This is also an issue with Office365. What would be the best practice for this? This file is updated weekly https://www.microsoft.com/en-us/download/details.aspx?id=41653 and so is the IP list for Office365. Is there a tool that would convert the xml file and then insert it into the Aliases of pfSesne? Or can I reference the file directly?
    I have the very same issue with Amazon (AWS).

    I have searched the Forums and I have seen many topics about URL Aliases but none that addresses it with the file in an XML format.

    Thank
    Kuberan

    0
  • M

    To my knowledge, there is no tool which does this. You can find the settings for your firewall in /cf/conf/config.xml. As the name implies, the config file is an XML. You can open this to examine the structure. A section of this, marked <aliases>, is where you'll see existing alias entries. You could write a Perl or bash script which could format the downloaded Azure IP list, manipulate it into the correct format for the PFS config file and insert them into it. Once done, you can then run /etc/rc.reload_all to update the firewall with the changes just made. I've not done something like this myself, so you'd be best advised to try this on a test firewall first. There is also the matter of downloading the list from Microsoft automatically. I would normally advise using wget, but I don't know if there's a direct link to allow the file to be pulled down in this way.</aliases>

    0
  • K

    There is not a direct link… I will look at what you suggested... although it is not the ideal solution for this.

    Thanks

    0
  • K

    I see that this Firewall -> Aliases -> Bulk import is a possible solution to copy and paste the list of IP addresses…
    Anyone know how it will manage updates?

    0
  • BBcan177
    Moderator

    You can download this file from the shell and parse the IPs with shell script, or use pfBlockerNG…

    [ MScsv ]		 Downloading update .. 200 OK. completed ..

  Aggregation Stats:
  ------------------
  Original Final      
  ------------------
  2568     1865       
  ------------------

    However, they don't provide a static download address, since the file name has a date:

    https://download.microsoft.com/download/0/1/8/018E208D-54F8-44CD-AA26-CD7BC9524A8C/PublicIPs_20161003.xml

    FYI, the file is also broken down into Regions…

    0

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy