diff --git a/.github/workflows/update.yml b/.github/workflows/update.yml index 4f0d83a9..4c365ed9 100644 --- a/.github/workflows/update.yml +++ b/.github/workflows/update.yml @@ -15,6 +15,24 @@ jobs: - name: Install WHOIS client run: sudo apt install -y whois + - name: Set up Python + uses: actions/setup-python@v5 + with: + python-version: '3.13' + + - name: Cache pip + uses: actions/cache@v4 + with: + path: ~/.cache/pip + key: ${{ runner.os }}-pip-${{ hashFiles('utils/requirements.txt') }} + restore-keys: | + ${{ runner.os }}-pip- + ${{ runner.os }}- + + - name: Install dependencies + run: | + pip install -r utils/requirements.txt + - name: Download IPs run: | set -x @@ -33,29 +51,12 @@ jobs: bash openai/downloader.sh || echo 'GPTBot download failed' # TODO: fixme bash cloudflare/downloader.sh bash vultr/downloader.sh + bash apple-proxy/downloader.sh - name: Create All-In-One ranges run: | - cat google/ipv4.txt googlebot/ipv4.txt amazon/ipv4.txt microsoft/ipv4.txt oracle/ipv4.txt digitalocean/ipv4.txt bing/ipv4.txt github/ipv4.txt facebook/ipv4.txt twitter/ipv4.txt linode/ipv4.txt telegram/ipv4.txt openai/ipv4.txt cloudflare/ipv4.txt vultr/ipv4.txt | sort -V | uniq > all/ipv4.txt - cat google/ipv6.txt googlebot/ipv6.txt amazon/ipv6.txt microsoft/ipv6.txt digitalocean/ipv6.txt github/ipv6.txt facebook/ipv6.txt twitter/ipv6.txt linode/ipv6.txt telegram/ipv6.txt cloudflare/ipv6.txt vultr/ipv6.txt | sort -V | uniq > all/ipv6.txt - - - name: Set up Python - uses: actions/setup-python@v5 - with: - python-version: '3.13' - - - name: Cache pip - uses: actions/cache@v4 - with: - path: ~/.cache/pip - key: ${{ runner.os }}-pip-${{ hashFiles('utils/requirements.txt') }} - restore-keys: | - ${{ runner.os }}-pip- - ${{ runner.os }}- - - - name: Install dependencies - run: | - pip install -r utils/requirements.txt + cat google/ipv4.txt googlebot/ipv4.txt amazon/ipv4.txt microsoft/ipv4.txt oracle/ipv4.txt digitalocean/ipv4.txt bing/ipv4.txt github/ipv4.txt facebook/ipv4.txt twitter/ipv4.txt linode/ipv4.txt telegram/ipv4.txt openai/ipv4.txt cloudflare/ipv4.txt vultr/ipv4.txt apple-proxy/ipv4.txt | sort -V | uniq > all/ipv4.txt + cat google/ipv6.txt googlebot/ipv6.txt amazon/ipv6.txt microsoft/ipv6.txt digitalocean/ipv6.txt github/ipv6.txt facebook/ipv6.txt twitter/ipv6.txt linode/ipv6.txt telegram/ipv6.txt cloudflare/ipv6.txt vultr/ipv6.txt apple-proxy/ipv6.txt | sort -V | uniq > all/ipv6.txt - name: Merge Ranges run: | @@ -77,6 +78,7 @@ jobs: python utils/merge.py --source=openai/ipv4.txt | sort -V > openai/ipv4_merged.txt python utils/merge.py --source=cloudflare/ipv4.txt | sort -V > cloudflare/ipv4_merged.txt python utils/merge.py --source=vultr/ipv4.txt | sort -V > vultr/ipv4_merged.txt + python utils/merge.py --source=apple-proxy/ipv4.txt | sort -V > apple-proxy/ipv4_merged.txt python utils/merge.py --source=all/ipv4.txt | sort -V > all/ipv4_merged.txt # ipv6 python utils/merge.py --source=google/ipv6.txt | sort -V > google/ipv6_merged.txt @@ -94,6 +96,7 @@ jobs: # openai not provide ipv6 python utils/merge.py --source=cloudflare/ipv6.txt | sort -V > cloudflare/ipv6_merged.txt python utils/merge.py --source=vultr/ipv6.txt | sort -V > vultr/ipv6_merged.txt + python utils/merge.py --source=apple-proxy/ipv6.txt | sort -V > apple-proxy/ipv6_merged.txt python utils/merge.py --source=all/ipv6.txt | sort -V > all/ipv6_merged.txt - name: Commit files diff --git a/README.md b/README.md index 10f667ce..ba2f019d 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ ![IP Ranges](logo.png) -List all IP ranges from: Google (Cloud & GoogleBot), Bing (Bingbot), Amazon (AWS), Microsoft, Oracle (Cloud), DigitalOcean, GitHub, Facebook (Meta), Twitter, Linode, Telegram, OpenAI (GPTBot) and CloudFlare with daily updates. +List all IP ranges from: Google (Cloud & GoogleBot), Bing (Bingbot), Amazon (AWS), Microsoft, Oracle (Cloud), DigitalOcean, GitHub, Facebook (Meta), Twitter, Linode, Telegram, OpenAI (GPTBot), CloudFlare, Vultr and Apple (Private Relay) with daily updates. All lists are obtained from public sources. @@ -117,6 +117,13 @@ To allow GoogleBot, block all Google IP addresses and then allow the GoogleBot a - IPv6: https://raw.githubusercontent.com/lord-alfred/ipranges/main/vultr/ipv6.txt - IPv6 (merged): https://raw.githubusercontent.com/lord-alfred/ipranges/main/vultr/ipv6_merged.txt +### Apple (Private Relay) + +- IPv4: https://raw.githubusercontent.com/lord-alfred/ipranges/main/apple-proxy/ipv4.txt +- IPv4 (merged): https://raw.githubusercontent.com/lord-alfred/ipranges/main/apple-proxy/ipv4_merged.txt +- IPv6: https://raw.githubusercontent.com/lord-alfred/ipranges/main/apple-proxy/ipv6.txt +- IPv6 (merged): https://raw.githubusercontent.com/lord-alfred/ipranges/main/apple-proxy/ipv6_merged.txt + ## All-In-One IPs A list of IP addresses from all sources combined into one file. diff --git a/apple-proxy/downloader.sh b/apple-proxy/downloader.sh new file mode 100644 index 00000000..d86eb869 --- /dev/null +++ b/apple-proxy/downloader.sh @@ -0,0 +1,13 @@ +#!/bin/bash + +set -euo pipefail +set -x + +# https://developer.apple.com/icloud/prepare-your-network-for-icloud-private-relay/ +curl -s https://mask-api.icloud.com/egress-ip-ranges.csv | cut -d',' -f1 > /tmp/apple-proxy.txt + +grep -v ':' /tmp/apple-proxy.txt > /tmp/apple-proxy-ipv4.txt +grep ':' /tmp/apple-proxy.txt > /tmp/apple-proxy-ipv6.txt + +sort -V /tmp/apple-proxy-ipv4.txt | uniq > apple-proxy/ipv4.txt +sort -V /tmp/apple-proxy-ipv6.txt | uniq > apple-proxy/ipv6.txt