Two scripts for automatically adding an IP address to the Cloudflare whitelist

🕚 by admin

Below are two scripts that automatically add an IP address to the Cloudflare whitelist.

Bash:
#!/bin/bash
# Your Cloudflare account email
CFEMAIL="your mail"
# Your Cloudflare API key
CFAPIKEY="youkey"
# Cloudflare Zone ID of the domain (only needed for the zone-level endpoint)
#ZONESID="your zone id"

# /data/wwwlogs/black.txt holds the list of malicious attacking IPs,
# one IP per line (not used by this whitelist script).
IPADDR=$(curl -s https://icanhazip.com) # automatically fetch this machine's public IP address

# Loop over the IPs and submit them to the Cloudflare firewall blacklist
# mode can be block, challenge, whitelist, js_challenge
#for IPADDR in ${IPADDR[@]}; do
echo "$IPADDR"
curl -s -X POST "https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules" \
  -H "X-Auth-Email: $CFEMAIL" \
  -H "X-Auth-Key: $CFAPIKEY" \
  -H "Content-Type: application/json" \
  --data '{"mode":"whitelist","configuration":{"target":"ip","value":"'"$IPADDR"'"},"notes":"whitelist id"}'
exit

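https://api.cloudflare.com/client/v4/zones/$ZONESID/firewall/access_rules/rules
// Zone-level firewall: the rule applies to the specified zone only
https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules
// Global firewall: the rule applies to every domain under the account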

Save the code above as a script and run it. If it succeeds, the following is displayed:

{
  "result": {
    "id": "idname",
    "paused": false,
    "modified_on": "2021-10-13T01:59:44.295618161Z",
    "allowed_modes": [
      "whitelist",
      "block",
      "challenge",
      "js_challenge"
    ],
    "mode": "whitelist",
    "notes": "whitelist id",
    "configuration": {
      "target": "ip",
      "value": "192.168.0.231"
    },
    "scope": {
      "id": "idname",
      "email": "mailna,e",
      "type": "user"
    },
    "created_on": "time"
  },
  "success": true, // this is the only field you need to check: true means the rule was added
  "errors": [],
  "messages": []
}

If the following is displayed instead, either the script has a problem or the same IP address has already been added:

{
  "result": null,
  "success": false,
  "errors": [
    {
      "code": 10009,
      "message": "firewallaccessrules.api.duplicate_of_existing" // the IP address already exists (duplicate)
    }
  ],
  "messages": []
}

If you only need to add an IP to the Cloudflare whitelist once, you can use the following code:


# Fetch this machine's public IP address
IPADDR=$(curl -s https://icanhazip.com)
# The quoting around $IPADDR closes the single-quoted JSON so the shell expands the variable
curl -X POST "https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules" \
     -H "X-Auth-Email: youmail" \
     -H "X-Auth-Key: youkey" \
     -H "Content-Type: application/json" \
     --data '{"mode":"whitelist","configuration":{"target":"ip","value":"'"$IPADDR"'"},"notes":"This rule is on because of an event that occured on date X"}'
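
A hardened variant of the scripts above, as an added example that is not part of the original post: it fetches the address over HTTPS, refuses anything that is not a plain IPv4 address before it reaches the JSON body, and interprets the response using the `success` flag and error code 10009 shown above. The function names and reading CFEMAIL and CFAPIKEY from the environment are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original post. Reads CFEMAIL and CFAPIKEY from
# the environment (assumption) instead of hard-coding them in the script.

# Accept only a dotted-quad IPv4 address with every octet in 0-255, so that
# nothing else returned by the lookup service can reach the JSON body.
valid_ipv4() {
  case $1 in
    ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
  esac
  old_ifs=$IFS; IFS=.
  set -- $1
  IFS=$old_ifs
  [ $# -eq 4 ] || return 1
  for octet in "$@"; do
    { [ ${#octet} -le 3 ] && [ "$octet" -le 255 ]; } || return 1
  done
  return 0
}

# Map an API response body to ok / duplicate / error, using the "success"
# flag and the duplicate error code 10009 shown on this page.
classify_response() {
  if printf '%s\n' "$1" | grep -Eq '"success"[[:space:]]*:[[:space:]]*true'; then
    echo ok
  elif printf '%s\n' "$1" | grep -Eq '"code"[[:space:]]*:[[:space:]]*10009([^0-9]|$)'; then
    echo duplicate
  else
    echo error
  fi
}

# Look up the public IPv4 address over HTTPS, validate it, then submit it.
add_whitelist_rule() {
  ip=$(curl -4 -fsS --max-time 10 https://icanhazip.com) || return 1
  valid_ipv4 "$ip" || { echo "refusing unexpected value: $ip" >&2; return 1; }
  resp=$(curl -s -X POST "https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules" \
    -H "X-Auth-Email: $CFEMAIL" -H "X-Auth-Key: $CFAPIKEY" \
    -H "Content-Type: application/json" \
    --data '{"mode":"whitelist","configuration":{"target":"ip","value":"'"$ip"'"},"notes":"whitelist id"}')
  status=$(classify_response "$resp")
  echo "$ip: $status"
  [ "$status" != error ]
}

# Only talk to the network when credentials are supplied.
if [ -n "${CFEMAIL:-}" ] && [ -n "${CFAPIKEY:-}" ]; then
  add_whitelist_rule
fi
```

When run from cron, a `duplicate` result means the current address is already on the list, so only `error` is treated as a failure exit status.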

Reference

https://limbopro.com/archives/6949.html?src=vpslala.com
