-
Notifications
You must be signed in to change notification settings - Fork 0
/
cloudflare.go
58 lines (51 loc) · 1.26 KB
/
cloudflare.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
package main
import (
"context"
"io"
"net"
"net/http"
"strings"
"time"
"github.com/fiatjaf/khatru"
"github.com/nbd-wtf/go-nostr"
)
var cloudflareRanges []*net.IPNet
func updateCloudflareRangesRoutine() {
for {
newRanges := make([]*net.IPNet, 0, 30)
for _, url := range []string{
"https://www.cloudflare.com/ips-v6/",
"https://www.cloudflare.com/ips-v4/",
} {
resp, err := http.Get(url)
if err != nil {
log.Error().Err(err).Msg("failed to fetch cloudflare ips")
continue
}
data, _ := io.ReadAll(resp.Body)
resp.Body.Close()
for _, line := range strings.Split(strings.TrimSpace(string(data)), "\n") {
_, ipnet, err := net.ParseCIDR(strings.TrimSpace(line))
if err != nil {
log.Error().Str("line", line).Err(err).Msg("failed to parse cloudflare ip range")
continue
}
newRanges = append(newRanges, ipnet)
}
}
if len(newRanges) > 0 {
cloudflareRanges = newRanges
}
time.Sleep(time.Hour * 24)
}
}
func rejectCloudflareEvents(ctx context.Context, event *nostr.Event) (reject bool, msg string) {
conn := khatru.GetConnection(ctx)
ip := getRemoteIPAndParse(conn.Request)
for _, ipnet := range cloudflareRanges {
if ipnet.Contains(ip) {
return true, "blastr not allowed"
}
}
return false, ""
}