From 6e066b5cc8129b19d717b9975aa67750454d285b Mon Sep 17 00:00:00 2001 From: Will Kinderman Date: Tue, 7 May 2024 15:07:14 -0700 Subject: [PATCH] Add support for cloudflare --- sephiroth/providers/__init__.py | 2 ++ sephiroth/providers/cloudflare.py | 45 +++++++++++++++++++++++++++++++ sephiroth/providers/provider.py | 3 ++- 3 files changed, 49 insertions(+), 1 deletion(-) create mode 100644 sephiroth/providers/cloudflare.py diff --git a/sephiroth/providers/__init__.py b/sephiroth/providers/__init__.py index 284e831..d531a71 100644 --- a/sephiroth/providers/__init__.py +++ b/sephiroth/providers/__init__.py @@ -7,6 +7,7 @@ from sephiroth.providers.tor import Tor from sephiroth.providers.do import DO from sephiroth.providers.linode import Linode +from sephiroth.providers.cloudflare import Cloudflare # This must be imported last, circular dependencies and all that from sephiroth.providers.provider import Provider @@ -22,4 +23,5 @@ "DO", "Linode", "Provider", + "Cloudflare", ] diff --git a/sephiroth/providers/cloudflare.py b/sephiroth/providers/cloudflare.py new file mode 100644 index 0000000..501a382 --- /dev/null +++ b/sephiroth/providers/cloudflare.py @@ -0,0 +1,45 @@ +import requests +from sephiroth.providers.base_provider import BaseProvider + + +class Cloudflare(BaseProvider): + def __init__(self, excludeip6=False): + self.source_ranges = self._get_ranges() + self.processed_ranges = self._process_ranges(excludeip6) + + def _get_ranges(self): + """ + Input: None + Output: Dict representation of cloudflare ip ranges + """ + print("(cloudflare) Fetching IP ranges from cloudflare's API") + cloudflare_ip_ranges_url = "https://api.cloudflare.com/client/v4/ips" + r = requests.get(cloudflare_ip_ranges_url) + return r.json() + + def _process_ranges(self, excludeip6=False): + """ + Input: List of ip-ranges, optionally exclude ip6 ranges + Output: Dict with header_comments and list of dicts for ip ranges + """ + header_comments = [ + f"(cloudflare) success: {self.source_ranges['success']}", + f"(cloudflare) messages: {self.source_ranges['messages']}", + ] + out_ranges = [] + ip_ranges = self.source_ranges["result"] + + range_types = [("ipv4_cidrs", "ipv4 cloudflare")] + + if not excludeip6: + range_types.append(("ipv6_cidrs", "ipv6 cloudflare")) + + for range_type, comment in range_types: + for ip_range in ip_ranges[range_type]: + item = { + "range": ip_range, + "comment": comment + } + out_ranges.append(item) + + return {"header_comments": header_comments, "ranges": out_ranges} diff --git a/sephiroth/providers/provider.py b/sephiroth/providers/provider.py index 940d2a3..363e58d 100644 --- a/sephiroth/providers/provider.py +++ b/sephiroth/providers/provider.py @@ -1,4 +1,4 @@ -from sephiroth.providers import AWS, Azure, GCP, OCI, ASN, File, Tor, DO, Linode +from sephiroth.providers import AWS, Azure, GCP, OCI, ASN, File, Tor, DO, Linode, Cloudflare classmap = { "aws": AWS, @@ -10,6 +10,7 @@ "tor": Tor, "do": DO, "linode": Linode, + "cloudflare": Cloudflare, }