RealStickman
b4371deb71
Based on findings that the Endpoint is not automatically excluded
when AllowedIPs is set manually and happens to include the Endpoint
changes had to be made.
An additional Python script has been created that takes IP-Ranges to
exclude as an argument so the AllowedIPs range can be calculated
dynamically for every different config file.
This drastically increases the time to patch all files, so it might
be worth it to make this script more parallel in the future.
34 lines
671 B
Python
Executable File
34 lines
671 B
Python
Executable File
#!/usr/bin/env python3
|
|
|
|
from ipaddress import ip_network
|
|
import argparse
|
|
|
|
parser = argparse.ArgumentParser(description="")
|
|
|
|
parser.add_argument(
|
|
"-e",
|
|
"--exclude",
|
|
required=False,
|
|
type=str,
|
|
action="append",
|
|
help="IP range that should be excluded from 0.0.0.0/0",
|
|
)
|
|
|
|
args = parser.parse_args()
|
|
|
|
start: str = "0.0.0.0/0"
|
|
exclude: list[str] = args.exclude
|
|
|
|
result = [ip_network(start)]
|
|
for i in exclude:
|
|
n = ip_network(i)
|
|
new = []
|
|
for k in result:
|
|
if k.overlaps(n):
|
|
new.extend(k.address_exclude(n))
|
|
else:
|
|
new.append(k)
|
|
result = new
|
|
|
|
print(", ".join(str(i) for i in sorted(result)) + ", ::0/0")
|