Posts

Showing posts from March, 2018

Script to retrieve Google Network ip block

This is the script to retrieve the Google Network IP block. This is useful if you need to only trust google incoming ip. I use this script to update the ip list daily. So that my nginx only allow traffic from google. #>cat UpdateGoogleNetworkBlock.sh blocks=`dig -t txt _netblocks.google.com |grep -oP '[^_]*v=spf1 \K.*' |sed -e "s/ ~all\"//" ` IFS=' ' read -a block_array <<< "$blocks" echo "" > /etc/nginx/conf.d/Google_Network for i in "${block_array[@]}" do echo "allow ${i//ip4:};" >> /etc/nginx/conf.d/Google_Network done service nginx restart