Large Varying IP Pools for DNS (CB Defense dev-prod05.conferdeploy.net) And Firewall Rules[SOLUTION]

BrianRa
L3 Networker

@rmfalconer I will break each one down so it makes more sense. If you understand more than this and it is redundant, I apologize, but I want to make sure it is all clear. All definitions are in reference to what I am doing with it. A note on the ".txt" extension: this has nothing to do with Linux but makes it easily Windows readable (auto opens in Notepad++ for me).

  • host = nslookup
  • | breaks out for the new command based on the results of the previous command
  • grep = search request based on the result of "host" command (because of the pipe) containing the word "has"
  • awk = a programming language initiator for printing the 4th value in the string based on a space breakout
  • >> is equal to an append at the end of file
  • > is equal to a replace/create file
  • rm = remove file

 

RUN EVERY 5 MINUTES (Done every 5 minutes to try to capture all the IPs that are available)

                  host dev-prod05.conferdeploy.net | grep has | awk '{print $4}' >> dev-prod05.conferdeploy.net_BULK-IPs.txt

dev-prod05.conferdeploy.net has address 52.45.174.75

dev-prod05.conferdeploy.net has address 52.2.229.136

Find all lines that contain "has" in the line

Now pull out the 4th variable based on a space delimiter from each line

52.45.174.75

52.2.229.136

Paste that value at the end of the current/defined txt file

 

RUN EVERY 10 MINUTES (Done every 10 minutes to try to capture new IPs but there is no reason to do it as often because the likelihood of a new IP after the first hour is low)

                  awk '!seen[$0]++' dev-prod05.conferdeploy.net_BULK-IPs.txt > dev-prod05.conferdeploy.net.txt

Search in the defined "BULK-IPs.txt" file for a unique value

Repeat this command for all lines in this file

Paste those unique values into a new/overwritten defined txt file

 

RUN ONCE A DAY: (I chose once daily because it is easy to troubleshoot and keeps the file down to the expected 30 IPs)

                  rm /dev-prod05.conferdeploy.net_BULK-IPs.txt

Remove the defined "BULK-IPs.txt" file

There is no reason to rm/delete the dev-prod05.conferdeploy.net.txt final product file because it is already overwritten every 10 minutes with a new file

 

Please let me know if any of this does not make sense and I will try to explain it.
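The collect and de-duplicate steps above, combined into one script as an added example (not part of BrianRa's post). It tightens two edge cases: `grep has` also matches `host`'s "has IPv6 address" lines, where field 4 is the word "address", and a failed lookup right after the daily cleanup would otherwise overwrite the final file with an empty list. The function names and the `run` argument are hypothetical; the file names follow the post.

```shell
#!/bin/sh
# Added example; function names and the "run" argument are hypothetical.
NAME=dev-prod05.conferdeploy.net
BULK="${NAME}_BULK-IPs.txt"
FINAL="${NAME}.txt"

# Read `host` output on stdin and print only valid IPv4 addresses taken
# from "<name> has address <ip>" lines. Lines such as
# "<name> has IPv6 address <ip>" or "mail is handled by" are skipped.
extract_ipv4() {
    awk '$2 == "has" && $3 == "address" {
        n = split($4, o, ".")
        ok = (n == 4)
        for (i = 1; i <= n; i++)
            if (o[i] !~ /^[0-9]+$/ || o[i] + 0 > 255) ok = 0
        if (ok) print $4
    }'
}

# usage: update_lists BULK FINAL   (addresses arrive on stdin)
# Appends the new observations to BULK, then rebuilds FINAL from the
# unique lines of BULK. The new list is written to a temp file and
# renamed into place so a reader never sees a half-written file, and an
# empty result leaves the previous FINAL untouched.
update_lists() {
    bulk=$1
    final=$2
    tmp="$final.tmp.$$"
    cat >> "$bulk"
    awk '!seen[$0]++' "$bulk" > "$tmp"
    if [ -s "$tmp" ]; then
        mv "$tmp" "$final"
    else
        rm -f "$tmp"
        return 1
    fi
}

# Only touches the network when called as: sh script.sh run
if [ "${1:-}" = "run" ]; then
    host "$NAME" | extract_ipv4 | update_lists "$BULK" "$FINAL"
fi
```

Scheduled every 5 minutes with the `run` argument, this replaces the separate 5-minute and 10-minute jobs; the daily removal of the bulk file stays as described in the post.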
