Friday, March 2, 2018

Script to retrieve Google Network IP block

This is the script to retrieve the Google Network IP block.

This is useful if you need to trust only incoming traffic from Google IP addresses. I use this script to update the IP list daily, so that my nginx only allows traffic from Google.

#>cat UpdateGoogleNetworkBlock.sh

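#!/bin/bash
# Fetch the SPF TXT record and keep the "ip4:..." entries that follow "v=spf1".
blocks=$(dig -t txt _netblocks.google.com | grep -oP '[^_]*v=spf1 \K.*' | sed -e 's/ ~all"//')

# Stop if the lookup returned nothing, so a DNS failure does not empty the allow list.
if [ -z "$blocks" ]; then
    echo "No netblocks returned; leaving nginx configuration unchanged" >&2
    exit 1
fi

IFS=' ' read -r -a block_array <<< "$blocks"
# Start from an empty file, then write one "allow" directive per block.
: > /etc/nginx/conf.d/Google_Network
for i in "${block_array[@]}"
do
    echo "allow ${i//ip4:};" >> /etc/nginx/conf.d/Google_Network
done
# Check the configuration before restarting nginx.
nginx -t && service nginx restart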
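
The script above writes whatever follows "v=spf1" in the DNS answer straight into the nginx configuration, so the allow list is only as trustworthy as that answer. As an added example (not part of the original script), the variant below validates each block before it reaches the config and restores the previous file if nginx -t rejects the result; the sample record, the function names, the --apply switch and the minimum prefix lengths are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example, not the original author's script.
# Assumed policy: IPv4 blocks must be /8 or longer, IPv6 blocks /16 or longer.
V4='^((25[0-5]|2[0-4][0-9]|1?[0-9]?[0-9])\.){3}(25[0-5]|2[0-4][0-9]|1?[0-9]?[0-9])/([89]|[12][0-9]|3[0-2])$'
V6='^[0-9A-Fa-f:]+/(1[6-9]|[2-9][0-9]|1[01][0-9]|12[0-8])$'   # loose check; nginx -t decides

# Constructed sample record (documentation ranges) with two entries that must be dropped.
SAMPLE_RECORD='"v=spf1 ip4:192.0.2.0/24 ip4:198.51.100.0/24 ip6:2001:db8::/32 ip4:0.0.0.0/0 ip4:203.0.113.0/24;include ~all"'

# Print one nginx "allow" line per valid ip4:/ip6: token in the SPF record "$1".
# Other mechanisms, quotes and malformed or over-broad blocks are dropped.
# Returns 1 if no valid block is found.
spf_to_allow() {
    out=$(printf '%s\n' "$1" | tr -s ' "' '\n\n' | while IFS= read -r tok; do
        case $tok in
            ip4:*) cidr=${tok#ip4:}; re=$V4 ;;
            ip6:*) cidr=${tok#ip6:}; re=$V6 ;;
            *) continue ;;
        esac
        if printf '%s\n' "$cidr" | grep -Eq "$re"; then
            printf 'allow %s;\n' "$cidr"
        fi
    done)
    [ -n "$out" ] || return 1
    printf '%s\n' "$out"
}

# Fetch the live record and install the list; puts the old file back if "nginx -t" fails.
apply_allowlist() {
    conf=/etc/nginx/conf.d/Google_Network
    record=$(dig +short -t txt _netblocks.google.com) || return 1
    new=$(spf_to_allow "$record") || { echo "no valid blocks; nginx left unchanged" >&2; return 1; }
    [ ! -f "$conf" ] || cp -p "$conf" "$conf.bak"
    printf '%s\n' "$new" > "$conf"
    if nginx -t; then
        nginx -s reload
    else
        [ ! -f "$conf.bak" ] || cp -p "$conf.bak" "$conf"
        return 1
    fi
}

# Touches the system only when invoked with --apply (needs root, dig and nginx).
if [ "${1:-}" = "--apply" ]; then apply_allowlist; fi
```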