In order to make it easier / more reliable / safer to consume the cloudflare ip range lists in an automated, human free, low to no long term maintenance overhead fashion, can we get those in json format as well? Additionally, having one file instead of multiple and allowing for extension of future services would be logical, allowing current implementations to be expanded without having to change the source data locations or parsing unnecessarily. Most importantly, this would allow for a last changed date stamp to be added for versioning and allowing for easy automation triggers of changes to this list. Data descriptors are only place-holders, change as needed to fit data object models available.
Current:
https://www.cloudflare.com/ips-v4
https://www.cloudflare.com/ips-v6
And another for
Use case: Automation
It would be easier and safer not having to build a regex matcher to ensure the format is correct on the txt files for automating in Terraform, Lambda’s, etc with native json parsing in lieu of raw text files.
Proposed example would look something like :
https://www.cloudflare.com/ips-json
{
"token": "1590162244",
"updated": "2020-05-22-15-44-43",
"ipv4_prefixes": [
{
"ipv4_prefix": "173.245.48.0/20",
"region": "GLOBAL",
"service": "CLOUDFLARE"
},
{
"ipv4_prefix": "103.21.244.0/22",
"region": "GLOBAL",
"service": "CLOUDFLARE"
}
],
"ipv6_prefixes": [
{
"ipv6_prefix": "2400:cb00::/32",
"region": "GLOBAL",
"service": "CLOUDFLARE"
},
{
"ipv6_prefix": "2606:4700::/32",
"region": "GLOBAL",
"service": "CLOUDFLARE"
}
]
}
(As a follow up in case anyone runs into this and wants a quick dirty way to get a straight list in a file on linux with curl and jq see below)
curl -sS "https://api.cloudflare.com/client/v4/ips" | jq -r '.result.ipv4_cidrs | .[]' > cloudflare_ipv4_cidrs
curl -sS "https://api.cloudflare.com/client/v4/ips" | jq -r '.result.ipv6_cidrs | .[]' > cloudflare_ipv6_cidrs