Update address list with Google netblocks from DNS

Hi,

I need a script (or other way) of updating an address list with Google’s IP ranges.
They publish the ranges in a DNS text field and it looks like this…

$ dig txt _netblocks.google.com +short @8.8.8.8
"v=spf1 ip4:216.239.32.0/19 ip4:64.233.160.0/19 ip4:66.249.80.0/20 ip4:72.14.192.0/18 ip4:209.85.128.0/17 ip4:66.102.0.0/20 ip4:74.125.0.0/16 ip4:64.18.0.0/20 ip4:207.126.144.0/20 ip4:173.194.0.0/16 ?all"

Anyone got any ideas how I can get this list of networks into an address list?

Thanks,

David

I would create a bash script to output the results of dig to a file, and upload the file to the router via FTP. For the example, the file name is dnslist.txt

Then, run a script on the router to extract the IP addresses and add them to the address list. This script removes all previous entries with the same comment, and adds the new ones.

# set the name of the address list and comment
:local addressList "MYAddressList"
:local comment "GoogleDNS"

# set file name
:local file "dnslist.txt"

# clean up old entries
/ip firewall address-list remove [find comment="$comment"]

:local ip ""
:local toggle false
:local char

:local content [/file get [/file find name=$file] contents]

# walk the file one character at a time: text after a ":" is collected
# until the next space, so the prefix length (e.g. /19) stays on the entry
:for i from=0 to=([:len $content] - 1) do={
    :set char [:pick $content $i]
    :if (($toggle = true) and ($char = " ")) do={
        :set toggle false
        /ip firewall address-list add address=$ip disabled=no list="$addressList" comment="$comment"
        :set ip ""
    }
    :if ($toggle = true) do={
        :set ip ($ip . $char)
    }
    :if ($char = ":") do={
        :set toggle true
    }
}
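The first step of the reply above (run dig and write dnslist.txt), as an added example that is not code from the thread: it validates every ip4: netblock before the file is replaced, so a truncated or malformed DNS answer never reaches the router. The function names, the `--live` switch and the shortened sample record are assumptions made for this example.

```shell
#!/bin/sh
# Added example. SAMPLE_TXT is constructed: the question's record, shortened.
SAMPLE_TXT='"v=spf1 ip4:216.239.32.0/19 ip4:64.233.160.0/19 ip4:66.249.80.0/20 ?all"'

OCTET='(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])'

# valid_cidr A.B.C.D/N: succeeds only for octets 0-255 and a prefix length 0-32.
valid_cidr() {
    printf '%s\n' "$1" |
        grep -Eq "^(${OCTET}\\.){3}${OCTET}/(3[0-2]|[12]?[0-9])\$"
}

# spf_to_dnslist: TXT record on stdin -> one line of "ip4:CIDR " tokens on stdout.
# Any malformed ip4: token, or a record with none, fails without output, so a
# bad DNS answer cannot leave the router with a wrong or empty list.
# The body is a subshell so that set -f (no globbing of "?all") stays local.
spf_to_dnslist() (
    set -f
    out=""
    for tok in $(tr -d '"'); do
        case "$tok" in
            ip4:*)
                net=${tok#ip4:}
                if ! valid_cidr "$net"; then
                    echo "rejected token: $tok" >&2
                    exit 1
                fi
                out="${out}ip4:${net} " ;;
        esac
    done
    [ -n "$out" ] || exit 1
    printf '%s\n' "$out"
)

# refresh FILE: query DNS (command from the question) and replace FILE only
# after the whole answer validated; the previous file is kept on any failure.
refresh() {
    if dig txt _netblocks.google.com +short @8.8.8.8 | spf_to_dnslist > "$1.tmp"
    then mv "$1.tmp" "$1"
    else rm -f "$1.tmp"; return 1
    fi
}

# Run as "sh script.sh --live" to write dnslist.txt, then upload it as before.
if [ "${1:-}" = "--live" ]; then refresh dnslist.txt; fi
```

Each netblock in the output keeps its `ip4:` prefix and is followed by a space, which is the layout a character-by-character parser keyed on ":" needs.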