Office 365 URLs and IP address ranges
-
What is the best way keep my Aliases updated from the published Office365 list of IPs?
https://support.office.com/en-us/article/Office-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2
The first time I did an Important adding the list of IPs all at once. Now how does one update that imported list. Is there a way to over write the list with all the current IPs publish. Also, is there a way to automate this process?Thanks
-
When they already have RSS, perhaps you could ask them to actually make use of it and publish the lists in non-retarded format?
-
I could request it published in a different way… what way do you suggest I request this... and how would my pfSense consume the published IPs and URL?
Do you have an example and I will open a case with the MS Office team?Thanks for your help.
-
If its a plain txt file, then you can use the pfSense URL Table aliases to collect these txt files on a schedule… Or use the pfBlockerNG package to parse the URL to collect the domains.... pfBlockerNG doesn't need the feed to be in plain text, and can parse the html to collect the IPs... You can then use the "Alias" in your firewall rules/nat etc as required...
-
Even if it were RSS or HTML, things like pfBlockerNG could make sense of it. In the current form, it's just incredibly useless POS. Cannot believe then don't have anything in machine-readable format for enterprise use.
-
It is in XML format, that is how it is published, which is machine readable…..
"Use the https://go.microsoft.com/fwlink/?LinkId=533185 to view a single list with all of the endpoints or to automatically process changes."
-
@kuberan thanks for the info, how would you go about implementing this?
-
I would like to automate this… but for now I edited the XML file Aliases and loaded that... I think pfBlockerNG can be used.. but I need to test it first.... I was hoping there is a simpler solution
-
You won't achieve full automation easily because XML is essentially free form and to write a parser for an arbitrary XML file you need to know a bit about the structure of the file (called the schema). There are XML parsers for PHP but the parts that know about a particular XML schema (like this what MS uses) are not going be included in base pfSense, they are a clear case for an addon package.
-
well it is working and updating from their files, so unless they change their format etc, Ill continue to use it.
-
@daschenbrener what advice do you have. How did you do it?
-
how i used it is through pfBlockerNG.
I added it to the rules
see picture attached
and it automatically parsed the file and is working
-
Is that a lucky accident or is PFBlockerNG smart enough to parse the XML properly?
-
this is a first for me, but i believe that it is designed that way as pfsense can uses xml files already as well.
-
@kpa:
Is that a lucky accident or is PFBlockerNG smart enough to parse the XML properly?
It doesn't really parse it, it uses a bunch of crazy regexps to get IPs out of the XML/HTML/whatnot file.
-
@daschenbrener: thank you… I will give this a try.... :-)
-
my pleasure ,now to find files like this for other companies , hmm, maybe there is something here i can start, a list of the various locations for ip address . Just like the one for microsoft.
-
Good idea… it just needs to be a trusted list....
