2
I have a list of about 170,000 IP ranges I would like to block ( Basically all IP's outside of the US and Canada ). The list is in CIDR format.
Is there any software that I can pipe this into and get the most condensed form of it?
I would like to input this in to iptables, but heard the practical limit for iptables is around 25,000
An example of the input file,
1.0.0.0/24
1.0.1.0/24
1.0.2.0/23
1.0.4.0/22
1.0.8.0/21
1.0.16.0/20
1.0.32.0/19
1.0.64.0/18
1.0.128.0/17
1.1.0.0/24
and just some manual conversion 1.0.1.0/24 and 1.0.0.0/24 could be summed up as 1.0.0.0/23 which when joined with 1.0.2.0/23 could be 1.0.0.0/22 which when joined with 1.0.4.0/22 would be 1.0.0.0/21 and so on
So manually condensing this would be
1.0.0.0/16
1.1.0.0/24
Tim Holum
Posted 2017-04-26T14:48:38.887
Reputation: 163
You sure it wouldn't be easier to whitelist instead? – user1686 – 2017-05-19T12:24:43.813
Unfortunatly no, the client connects from all over the us ( mostly in a 3 state area, but it is required that they can connect from anywhere in the us ) – Tim Holum – 2017-05-19T13:29:15.580
Then whitelist all of the US... if a VPN is not suitable. – user1686 – 2017-05-19T14:52:26.733