clerie/nixfiles
1
0
Fork 0
Code Activity

hosts/web-2: Block Alibaba Cloud because of scraper bots

Browse Source
This commit is contained in:
clerie
2025-07-18 23:55:33 +02:00
parent 9b05a008bb
commit 5bd15927d5
5 changed files with 895 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
pkgs/generate-blocked-prefixes/default.nix Normal file
View File

@@ -0,0 +1,7 @@
{ pkgs, ... }:
pkgs.clerie-build-support.writePythonScript {
name = "generate-blocked-prefixes";
runtimePackages = ps: with ps; [ requests ];
text = builtins.readFile ./generate-blocked-prefixes.py;
}

23
pkgs/generate-blocked-prefixes/generate-blocked-prefixes.py Executable file
View File

@@ -0,0 +1,23 @@
#!/usr/bin/env python3
import requests
blocked_asns = [
"45102", # Alibaba (US) Technology Co., Ltd.
]
r = requests.get('https://bgp.tools/table.txt', stream=True, headers={
"User-Agent": "https://git.clerie.de/clerie/nixfiles",
})
with open("hosts/web-2/blocked-prefixes.txt", "w") as blocked_ips_file:
for line in r.iter_lines(decode_unicode=True):
ip, asn = line.split()
if asn in blocked_asns:
if ":" in ip:
blocked_ips_file.write(f"ip6tables -I nixos-fw -s {ip} -j nixos-fw-refuse\n")
else:
blocked_ips_file.write(f"iptables -I nixos-fw -s {ip} -j nixos-fw-refuse\n")