Google App Engine - list of IP addresses?
I know that Google App Engine does not support an application having a static IP address, but I\'d like to know if there is a list or range of IP addresses that an app could
-
From the GAE documentationn, you need to use the dig command because it does not currently provide a way to map static IP addresses to an application, due to its design:
dig -t TXT _netblocks.google.com @ns1.google.comIf the dig command is not available on your system, you can use an online service:
As the time of writing this answer, querying http://www.digwebinterface.com/?hostnames=_netblocks.google.com&type=TXT&useresolver=8.8.4.4&ns=self&nameservers=ns1.google.com returns:
_netblocks.google.com. 3596 IN TXT "v=spf1 ip4:216.239.32.0/19 ip4:64.233.160.0/19 ip4:66.249.80.0/20 ip4:72.14.192.0/18 ip4:209.85.128.0/17 ip4:66.102.0.0/20 ip4:74.125.0.0/16 ip4:64.18.0.0/20 ip4:207.126.144.0/20 ip4:173.194.0.0/16 ?all"Here the formatted list for the Google API console if you need it:
216.239.32.0/19 64.233.160.0/19 66.249.80.0/20 72.14.192.0/18 209.85.128.0/17 66.102.0.0/20 74.125.0.0/16 64.18.0.0/20 207.126.144.0/20 173.194.0.0/16Please note the IP ranges may change in the future so you will need to run this query from time to time.
讨论(0) -
I threw this together quickly, for use with the
gcloud create-firewallcommand.#!/bin/bash netblocks=$(dig TXT _cloud-netblocks.googleusercontent.com @ns1.google.com +short | sed -e 's/"//g') for block in $netblocks; do if [[ $block == include:* ]]; then ipblocks=$(dig TXT ${block#include:} @ns1.google.com +short) for ipblock in $ipblocks; do if [[ $ipblock == ip4:* ]]; then printf "${ipblock:4}," fi done fi done讨论(0) -
Use command:
dig -t txt _netblocks.google.comto get the latest google ip blocks, and then you can add the result to your white list. Be aware that the list are not static and updated from time to time.
讨论(0) -
In addition to the other answers, GAE premier support directed me to this name, esp as the source IP address for URLFetch calls:
$ dig -t txt _cloud-netblocks.googleusercontent.comwhich answers:
include:_cloud-netblocks1.googleusercontent.com include:_cloud-netblocks2.googleusercontent.com include:_cloud-netblocks3.googleusercontent.comif you then query those, you get this list of ranges (as of 2014-06-26):
8.34.208.0/20 8.35.192.0/21 8.35.200.0/23 23.236.48.0/20 23.251.128.0/19 107.167.160.0/19 107.178.192.0/18 108.170.192.0/20 108.170.208.0/21 108.170.216.0/22 108.170.220.0/23 108.170.222.0/24 108.59.80.0/20 130.211.4.0/22 146.148.16.0/20 146.148.2.0/23 146.148.32.0/19 146.148.4.0/22 146.148.64.0/18 146.148.8.0/21 162.216.148.0/22 162.222.176.0/21 173.255.112.0/20 192.158.28.0/22 199.192.112.0/22 199.223.232.0/22 199.223.236.0/23讨论(0) -
I've created a ruby script for this exact purpose (super simple, easy to update):
https://github.com/stephengroat/whitelist-travisci
Resolv::DNS.open do |dns| ress = dns.getresource "_cloud-netblocks.googleusercontent.com", Resolv::DNS::Resource::IN::TXT ress.data.scan(/(?<=include:)_cloud-netblocks+\d.googleusercontent.com/).each do |r| subress = dns.getresource r, Resolv::DNS::Resource::IN::TXT subress.data.scan(/(?<=ip[4|6]:)[^\s]+/).each do |sr| puts sr end end end讨论(0) -
And this is an updated list as of March 20, 2016:
Extracted using instructions in this KB article.
ip4:8.34.208.0/20 ip4:8.35.192.0/21 ip4:8.35.200.0/23 ip4:108.59.80.0/20 ip4:108.170.192.0/20 ip4:108.170.208.0/21 ip4:108.170.216.0/22 ip4:108.170.220.0/23 ip4:108.170.222.0/24 ip4:162.216.148.0/22 ip4:162.222.176.0/21 ip4:173.255.112.0/20 ip4:192.158.28.0/22 ip4:199.192.112.0/22 ip4:199.223.232.0/22 ip4:199.223.236.0/23 ip4:23.236.48.0/20 ip4:23.251.128.0/19 ip4:107.167.160.0/19 ip4:107.178.192.0/18 ip4:146.148.2.0/23 ip4:146.148.4.0/22 ip4:146.148.8.0/21 ip4:146.148.16.0/20 ip4:146.148.32.0/19 ip4:146.148.64.0/18 ip4:130.211.4.0/22 ip4:130.211.8.0/21 ip4:130.211.16.0/20 ip4:130.211.32.0/19 ip4:130.211.64.0/18 ip4:130.211.128.0/17 ip4:104.154.0.0/15 ip4:104.196.0.0/14 ip4:208.68.108.0/23 ip6:2600:1900::/35讨论(0)
加载中...
- 热议问题