【转载】指定端口仅允许Cloudflare IP访问转发

杨幂的脚2024-07-252024-07-25

Cloudflare IP 地址范围

Cloudflare IPv4：https://www.cloudflare.com/ips-v4/#
Cloudflare IPv6：https://www.cloudflare.com/ips-v6/#

如何使用

示例：80、443端口，Ubuntu / Debian 运行环境

一键部署

bash -c 'ipv4_addresses=("103.21.244.0/22" "103.22.200.0/22" "103.31.4.0/22" "104.16.0.0/13" "104.24.0.0/14" "108.162.192.0/18" "131.0.72.0/22" "141.101.64.0/18" "162.158.0.0/15" "172.64.0.0/13" "173.245.48.0/20" "188.114.96.0/20" "190.93.240.0/20" "197.234.240.0/22" "198.41.128.0/17"); ipv6_addresses=("2400:cb00::/32" "2606:4700::/32" "2803:f800::/32" "2405:b500::/32" "2405:8100::/32" "2a06:98c0::/29" "2c0f:f248::/32"); for ipv4 in "${ipv4_addresses[@]}"; do sudo ufw allow from $ipv4 to any port 80; sudo ufw allow from $ipv4 to any port 443; done; for ipv6 in "${ipv6_addresses[@]}"; do sudo ufw allow from $ipv6 to any port 80; sudo ufw allow from $ipv6 to any port 443; done'

完整命令(自己新建一个sh文件权限775)：

#!/bin/bash

# Cloudflare IPv4 addresses
ipv4_addresses=(
    103.21.244.0/22
    103.22.200.0/22
    103.31.4.0/22
    104.16.0.0/13
    104.24.0.0/14
    108.162.192.0/18
    131.0.72.0/22
    141.101.64.0/18
    162.158.0.0/15
    172.64.0.0/13
    173.245.48.0/20
    188.114.96.0/20
    190.93.240.0/20
    197.234.240.0/22
    198.41.128.0/17
)

# Cloudflare IPv6 addresses
ipv6_addresses=(
    2400:cb00::/32
    2606:4700::/32
    2803:f800::/32
    2405:b500::/32
    2405:8100::/32
    2a06:98c0::/29
    2c0f:f248::/32
)

# Allow traffic from Cloudflare for port 80 443
for ipv4 in "${ipv4_addresses[@]}"
do
    sudo ufw allow from $ipv4 to any port 80
    sudo ufw allow from $ipv4 to any port 443
done

for ipv6 in "${ipv6_addresses[@]}"
do
    sudo ufw allow from $ipv6 to any port 80
    sudo ufw allow from $ipv6 to any port 443
done

原文：https://blog.intel.im/archives/zhi-ding-duan-kou-jin-yun-xu-cloudflareip-fang-wen