Hello,
my question is what IPs / IP ranges is Google using?
There i see following IPs:
108.177.0.0/17
172.217.0.0/16
173.194.0.0/16
2001:4860:4000::/36
203.208.60.0/24
207.126.144.0/20
209.85.128.0/17
216.239.32.0/19
216.58.192.0/19
2404:6800:4000::/36
2607:f8b0:4000::/36
2800:3f0:4000::/36
2a00:1450:4000::/36
2c0f:fb50:4000::/36
35.192.0.0/12
64.18.0.0/20
64.233.160.0/19
64.68.80.0/21
65.52.0.0/14
66.102.0.0/20
66.249.64.0/19
72.14.192.0/18
74.125.0.0/16
Another IPs are mentioned here: https://github.com/justjavac/Google-IPs/blob/master/README.md . When i parsed that file using bash script:
The /tmp/gips then contained 4312 IPs: https://pastebin.com/S2hb775Kwget --timeout=10 --quiet https://raw.githubusercontent.com/justjavac/Google-IPs/master/README.md -O /tmp/googleipfile
grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' /tmp/googleipfile|sort -u >> /tmp/gips
rm -f /tmp/googleipfile
I could create bash script to insert them into firewall whitelist (not to be blocked):
Before execution i would do:#!/bin/bash
wget --timeout=10 --quiet https://raw.githubusercontent.com/justjavac/Google-IPs/master/README.md -O /tmp/googleipfile
grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' /tmp/googleipfile|sort -u >> /tmp/gips
while read ip;do
ipset -exist add whitelist $ip
done < /tmp/gips
rm -f /tmp/googleipfile /tmp/gips
to create ipset list and allow its contents in firewall. Yet unsure if it is good idea because server would become vulnerable from that IPs.ipset create whitelist maxelem 1000111222
iptables -I INPUT 1 -m set --match-set whitelist src -j ACCEPT
Reply With Quote
Bookmarks