aws-ip-ranges-to-zones.py

1. #!/usr/bin/env python
2.  
3. # download the current Amazon AWS list of netblocks and dump it into
4. # two files, one each for IPv4 and IPv6. The result can be imported
5. # into firewalld ipsets using --add-entries-from-file
6.  
7. import requests
8.  
9. ipv4_filename = 'AmazonAWS_ipv4.zone'
10. ipv6_filename = 'AmazonAWS_ipv6.zone'
11.  
12. # See https://aws.amazon.com/blogs/aws/aws-ip-ranges-json/
13.  
14. # fetch the JSON
15. r = requests.get('https://ip-ranges.amazonaws.com/ip-ranges.json')
16. # parse it into a dict of dicts
17. j = r.json()
18.  
19. # dump into output files
20.  
21. with open(ipv4_filename, "w") as ipv4_file:
22.     for p in j['prefixes']:
23.         ipv4_file.write(p['ip_prefix'])
24.         ipv4_file.write('\n')
25.  
26. with open(ipv6_filename, "w") as ipv6_file:
27.     for p in j['ipv6_prefixes']:
28.         ipv6_file.write(p['ipv6_prefix'])
29.         ipv6_file.write('\n')