diff --git a/README.md b/README.md index 97f565f..ac409d2 100644 --- a/README.md +++ b/README.md @@ -1,45 +1,106 @@ # About -Fortress is a simple tool aimed at reducing the manual sysadmin work involved in blocking attacking IPs. +Fortress is a simple tool aimed at reducing the manual sysadmin work involved +in blocking attacking IPs during SYN floods. -The default thing that sysadmins do is `netstat -ntp`/`ss -ntp` to find what IPs are accessing the system, during overload times. These tools may be slow to produce the desired information and are usully combined with piping this information into grep/awk/sort/uniq additional tools to get the right data. +The default thing that sysadmins do is `netstat -ntp`/`ss -ntp` to find what +IPs are accessing the system, during overload times. These tools may be slow to +produce the desired information and are usully combined with piping this +information into grep/awk/sort/uniq additional tools to get the right data. -Fortress is able to identify such attacks in less then 1sec and then block the offending IPs. This tool does the same thing that a sysadmin would do, but costing significantly less resources and faster. +Fortress is able to identify such attacks in less then 1 second and then block +the offending IPs. This tool does the same thing that a sysadmin would do, but +costing significantly less resources and faster. -This is a standalone daemon or a systemd service. +Fortress can run as a standalone daemon or as a systemd service. -The daemon supports excluding/whitelisting individual IPs and/or IP ranges(CIDR) in separate files. The good thing is that the whitelisting mechanism is pretty efficient(based on Patricia Trie for the IP lookups), so it can take huge IP lists, like the IP ranges of google, cloudflare, bing or etc. +The daemon supports excluding/whitelisting individual IPs and/or IP ranges +(CIDR) in separate files. The whitelisting mechanism is pretty efficient (based +on Patricia Trie for the IP lookups), so it can take huge IP lists, like the IP +ranges of Google, Cloudflare, Bing, etc. -To that end, we have provided a compiled list of IP ranges from the biggest providers on the net in the excludes folder. +To that end, we have provided a compiled list of IP ranges from the biggest +providers on the net in the excludes folder. - -Right now, the tool supports only TCP with UDP to be added soon. It checks conns only in either SYN_RECV or ESTABLISHED states to prevent either resource exhaustion or service interruption(flood). +Right now, the tool supports only TCP with UDP to be added soon and IPv4. It +checks conns only in either `SYN_RECV` or `ESTABLISHED` states to prevent +either resource exhaustion or service interruption (flood). # How does it work? -Fortress parses `/proc/net/tcp`(the tcp states provided by the Linux kernel) every second and also checks the load of the machine from `/proc/loadavg`. +Fortress parses `/proc/net/tcp` (the tcp states provided by the Linux kernel) +every second and also checks `/proc/loadavg` for the load of the machine. -It first creates a list of connections for the monitored ports. Then based on the configuration(high_load, low_conns, high_cons, syn_recv_conns) it decides if an IP has to be blocked. +It first creates a list of connections for the monitored ports. Then based on +the configuration (high_load, low_conns, high_cons, syn_recv_conns) it decides +if an IP has to be blocked. -It uses an external [shell script](fortress-block.sh), that can be modified by the administrator, to block IPs. +It uses an external [shell script](fortress-block.sh), that can be modified by +the administrator, to block IPs. +With the default configuration, Fortress will look for SYN flood conns all the +time. These are IPs sending more then 20 TCP packets with SYN flag set. This +means that at a single moment, this IP has tried to open more then +20(syn_recv_conns) simultaneous connections to the server. -With the default configuration, Fortress will look for syn flood conns all the time. These are IPs sending more then 20 TCP packets with SYN flag set. This means that at a single moment, this IP has tried to open more then 20(syn_recv_conns) simultaneous connections to the server. - -It will also check established connections. These are connections that already have the TCP 3-way handshake finished and application is expected to handle them. -When the load is below the high limit(high_load), the number of simultaneous connections from a single IP has to be above 50(low_conns) in order to get blocked. -When the load is above the high limit(high_load), the number of simultaneous connections from a single IP has to be above 30(high_conns) in order to get blocked. +It will also check established connections. These are connections that already +have the TCP 3-way handshake finished and application is expected to handle +them. When the load is below the high limit(high_load), the number of +simultaneous connections from a single IP has to be above 50(low_conns) in +order to get blocked. When the load is above the high limit(high_load), the +number of simultaneous connections from a single IP has to be above +30(high_conns) in order to get blocked. # Configuration -Configuration, by default is expected to be in [`/etc/fortress/fortress.conf`](fortress.conf). We have tried to provide enough comments in there to reduce the need for separate documentation. +Configuration, by default is expected to be in +[`/etc/fortress/fortress.conf`](fortress.conf). We have tried to provide enough +comments in there to reduce the need for separate documentation. # Blocking -Fortress supports 3 different types of blocking the offending IPs. And all 3 are defined in the [`fortress-block.sh`](fortress-block.sh). -1. `iptables` - blocking the IPs directly in your firewall with iptables. You can also create a dedicated chain for that and set its name in fortres.conf -2. `ipset` - a more efficient blocking mechanism would be to levarage IPsets. This allows you to block large number of IPs without overwhelming iptables and slowing down the packet processing. -3. redirection - in this mechanism, we forward the TCP connection to a separate server, on which we expect to have a block page explaining, why the client is not seeing the expected web page. This mechanims uses DNAT and SNAT to achieve this and is the most resource inefficient way. However, it does give proper information to the end user. An example blocked page can be seen in the [block_page](block_page) folder. +Fortress supports 3 different types of blocking the offending IPs. And all 3 +are defined in the [`fortress-block.sh`](fortress-block.sh). +1. `iptables` - blocking the IPs directly in your firewall with iptables. You + can also create a dedicated chain for that and set its name in fortres.conf +2. `ipset` - a more efficient blocking mechanism would be to levarage IPsets. + This allows you to block large number of IPs without overwhelming iptables + and slowing down the packet processing. +3. redirection - in this mechanism, we forward the TCP connection to a separate + server, on which we expect to have a block page explaining, why the client + is not seeing the expected web page. This mechanims uses DNAT and SNAT to + achieve this and is the most resource inefficient way. However, it does give + proper information to the end user. An example blocked page can be seen in + the [block_page](block_page) folder. Feel free to modify this script in any way, to suit your blocking needs. +# How to install? + +## Operating Systems with rpm + +With rpm-based distributions, you can download the latest rpm package from the +[Releases](https://github.com/hackman/Fortress/releases) page manually or with +`wget` or another command line tool of your choice. + + wget https://github.com/hackman/Fortress/releases/download/v1.0.3/fortress-1.0-3.noarch.rpm + +Install the rpm. + + sudo rpm -ivh fortress-1.0-3.noarch.rpm + +## Operating Systems without rpm + +Clone the Fortress repository. + + git clone https://github.com/hackman/fortress + +Change to the fortress directory. + + cd fortress + +Run the installer. + + sudo bash fortress-install.sh + # Credits: - - block icon, originally pulled from https://www.pngwing.com/en/free-png-mqxsx and resized + - Block icon is CC0 and pulled from + and resized. diff --git a/TODO.md b/TODO.md deleted file mode 100644 index a62c7d0..0000000 --- a/TODO.md +++ /dev/null @@ -1,3 +0,0 @@ -* Signal handler for stop, saving the current list of blocked IPs before exiting. -* Parse and check /proc/net/udp -* Debian and Ubuntu packages diff --git a/block_page/blocked.png b/block_page/blocked.png index 24bb26b..5bfcbe7 100644 Binary files a/block_page/blocked.png and b/block_page/blocked.png differ diff --git a/block_page/index.html b/block_page/index.html index cc61cf5..700296e 100644 --- a/block_page/index.html +++ b/block_page/index.html @@ -6,7 +6,7 @@ diff --git a/excludes/google.txt b/excludes/google.txt index 2581026..862ce90 100644 --- a/excludes/google.txt +++ b/excludes/google.txt @@ -1,3914 +1,312 @@ -# Google -# UA "AdsBot-Google (+http://www.google.com/adsbot.html)" -# UA "Googlebot-Image/1.0" -# UA "Googlebot/2.1 (+http://www.googlebot.com/bot.html)" -# UA "Googlebot/Test (+http://www.googlebot.com/bot.html)" -# UA "Googlebot/Test" -# UA "Mediapartners-Google/2.1 (+http://www.googlebot.com/bot.html)" -# UA "Mediapartners-Google/2.1" -# UA "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" -# UA "gsa-crawler (Enterprise; S4-E9LJ2B82FJJAA; me@mycompany.com)" -1.179.112.0/20 -5.183.79.0/24 -8.34.208.0/21 -8.34.208.0/24 -8.34.209.0/24 -8.34.210.0/24 -8.34.211.0/24 -8.34.212.0/24 -8.34.213.0/24 -8.34.214.0/24 -8.34.215.0/24 -8.34.216.0/21 -8.34.216.0/24 -8.34.217.0/24 -8.34.218.0/24 -8.34.219.0/24 -8.34.220.0/24 -8.34.221.0/24 -8.34.222.0/24 -8.34.223.0/24 -8.35.192.0/21 -8.35.192.0/24 -8.35.193.0/24 -8.35.194.0/24 -8.35.195.0/24 -8.35.196.0/24 -8.35.197.0/24 -8.35.198.0/24 -8.35.199.0/24 -8.35.200.0/21 -8.8.4.0/24 -8.8.8.0/24 -23.131.144.0/24 -23.161.104.0/24 -23.227.32.0/24 -23.227.33.0/24 -23.227.34.0/24 -23.227.35.0/24 -23.227.36.0/24 -23.227.40.0/24 -23.227.41.0/24 -23.227.42.0/24 -23.227.43.0/24 -23.227.44.0/24 -23.227.45.0/24 -23.227.46.0/24 -23.227.47.0/24 -23.227.48.0/24 -23.227.49.0/24 -23.227.50.0/24 -23.227.51.0/24 -23.227.52.0/24 -23.227.53.0/24 -23.227.54.0/24 -23.227.55.0/24 -23.227.56.0/24 -23.227.57.0/24 -23.227.58.0/24 -23.227.59.0/24 -23.227.61.0/24 -23.227.62.0/24 -23.227.63.0/24 -23.236.48.0/20 -23.236.48.0/24 -23.236.49.0/24 -23.236.50.0/24 -23.236.51.0/24 -23.236.52.0/24 -23.236.53.0/24 -23.236.54.0/24 -23.236.55.0/24 -23.236.56.0/24 -23.236.57.0/24 -23.236.58.0/24 -23.236.59.0/24 -23.236.60.0/24 -23.236.61.0/24 -23.236.62.0/24 -23.236.63.0/24 -23.251.128.0/19 -23.251.128.0/24 -23.251.129.0/24 -23.251.130.0/24 -23.251.131.0/24 -23.251.132.0/24 -23.251.133.0/24 -23.251.134.0/24 -23.251.135.0/24 -23.251.136.0/24 -23.251.137.0/24 -23.251.138.0/24 -23.251.139.0/24 -23.251.140.0/24 -23.251.141.0/24 -23.251.142.0/24 -23.251.143.0/24 -23.251.144.0/24 -23.251.145.0/24 -23.251.146.0/24 -23.251.147.0/24 -23.251.148.0/24 -23.251.149.0/24 -23.251.150.0/24 -23.251.151.0/24 -23.251.152.0/24 -23.251.153.0/24 -23.251.154.0/24 -23.251.155.0/24 -23.251.156.0/24 -23.251.157.0/24 -23.251.158.0/24 -23.251.159.0/24 -23.89.224.0/21 -23.89.240.0/21 -27.0.224.0/22 -31.25.12.0/24 -31.25.14.0/24 -34.0.128.0/19 -34.0.160.0/19 -34.0.192.0/19 -34.0.224.0/24 -34.0.225.0/24 -34.0.226.0/24 -34.0.227.0/24 -34.0.240.0/20 -34.0.48.0/20 -34.0.96.0/19 -34.1.0.0/20 -34.1.16.0/20 -34.1.32.0/20 -34.1.48.0/20 -34.1.64.0/24 -34.1.65.0/24 -34.1.66.0/24 -34.1.67.0/24 -34.1.68.0/24 -34.1.69.0/24 -34.1.70.0/24 -34.1.71.0/24 -34.1.72.0/24 -34.1.73.0/24 -34.100.0.0/14 -34.100.0.0/20 -34.100.104.0/21 -34.100.112.0/20 -34.100.128.0/20 -34.100.144.0/20 -34.100.16.0/20 -34.100.160.0/20 -34.100.176.0/20 -34.100.192.0/20 -34.100.208.0/20 -34.100.224.0/20 -34.100.240.0/20 -34.100.32.0/20 -34.100.48.0/20 -34.100.64.0/21 -34.100.72.0/21 -34.100.80.0/20 -34.100.96.0/21 -34.101.0.0/16 -34.101.112.0/20 -34.101.128.0/20 -34.101.144.0/20 -34.101.160.0/20 -34.101.176.0/20 -34.101.18.0/24 -34.101.192.0/20 -34.101.208.0/20 -34.101.224.0/20 -34.101.240.0/20 -34.101.32.0/19 -34.101.64.0/20 -34.101.80.0/20 -34.101.96.0/20 -34.102.0.0/20 -34.102.112.0/20 -34.102.16.0/20 -34.102.32.0/20 -34.102.48.0/20 -34.102.64.0/20 -34.102.80.0/20 -34.102.96.0/20 -34.103.0.0/20 -34.103.112.0/20 -34.103.128.0/20 -34.103.144.0/20 -34.103.16.0/20 -34.103.160.0/20 -34.103.176.0/20 -34.103.192.0/20 -34.103.208.0/20 -34.103.224.0/20 -34.103.240.0/20 -34.103.32.0/20 -34.103.48.0/21 -34.103.56.0/21 -34.103.64.0/22 -34.103.68.0/22 -34.103.72.0/22 -34.103.76.0/22 -34.103.80.0/20 -34.103.96.0/20 -34.104.0.0/14 -34.104.0.0/22 -34.104.128.0/20 -34.104.144.0/20 -34.104.16.0/21 -34.104.160.0/20 -34.104.176.0/20 -34.104.192.0/20 -34.104.208.0/20 -34.104.224.0/20 -34.104.240.0/20 -34.104.29.0/24 -34.104.40.0/21 -34.104.6.0/23 -34.104.8.0/21 -34.105.0.0/20 -34.105.112.0/20 -34.105.128.0/20 -34.105.144.0/20 -34.105.16.0/20 -34.105.160.0/20 -34.105.176.0/20 -34.105.192.0/20 -34.105.208.0/20 -34.105.224.0/20 -34.105.240.0/20 -34.105.32.0/20 -34.105.48.0/20 -34.105.64.0/20 -34.105.80.0/20 -34.105.96.0/20 -34.106.0.0/20 -34.106.112.0/20 -34.106.128.0/20 -34.106.144.0/20 -34.106.16.0/20 -34.106.160.0/20 -34.106.176.0/20 -34.106.192.0/20 -34.106.208.0/20 -34.106.224.0/20 -34.106.240.0/20 -34.106.32.0/20 -34.106.48.0/20 -34.106.64.0/20 -34.106.80.0/20 -34.106.96.0/20 -34.107.0.0/20 -34.107.112.0/20 -34.107.16.0/20 -34.107.32.0/20 -34.107.48.0/20 -34.107.64.0/20 -34.107.80.0/20 -34.107.96.0/20 -34.108.0.0/14 -34.108.0.0/20 -34.108.112.0/20 -34.108.128.0/20 -34.108.144.0/20 -34.108.16.0/20 -34.108.160.0/20 -34.108.176.0/20 -34.108.192.0/20 -34.108.208.0/20 -34.108.224.0/20 -34.108.240.0/20 -34.108.32.0/20 -34.108.48.0/20 -34.108.64.0/20 -34.108.80.0/20 -34.108.96.0/20 -34.110.16.0/20 -34.116.0.0/14 -34.116.0.0/20 -34.116.112.0/20 -34.116.128.0/20 -34.116.144.0/20 -34.116.160.0/20 -34.116.176.0/20 -34.116.192.0/20 -34.116.208.0/20 -34.116.224.0/20 -34.116.240.0/20 -34.116.48.0/20 -34.116.64.0/20 -34.116.80.0/20 -34.116.96.0/20 -34.118.0.0/20 -34.118.112.0/20 -34.118.128.0/18 -34.118.16.0/20 -34.118.192.0/21 -34.118.200.0/21 -34.118.208.0/20 -34.118.240.0/22 -34.118.244.0/22 -34.118.248.0/23 -34.118.250.0/23 -34.118.252.0/23 -34.118.254.0/23 -34.118.32.0/20 -34.118.48.0/20 -34.118.64.0/20 -34.118.80.0/20 -34.118.96.0/20 -34.119.0.0/20 -34.119.112.0/20 -34.119.128.0/20 -34.119.144.0/20 -34.119.16.0/20 -34.119.160.0/20 -34.119.176.0/20 -34.119.192.0/20 -34.119.208.0/20 -34.119.224.0/20 -34.119.240.0/20 -34.119.32.0/20 -34.119.48.0/20 -34.119.64.0/20 -34.119.80.0/20 -34.119.96.0/20 -34.120.0.0/13 -34.120.0.0/14 -34.121.0.0/20 -34.121.112.0/20 -34.121.128.0/20 -34.121.144.0/20 -34.121.16.0/20 -34.121.160.0/20 -34.121.176.0/20 -34.121.192.0/20 -34.121.208.0/20 -34.121.224.0/20 -34.121.240.0/20 -34.121.32.0/20 -34.121.48.0/20 -34.121.64.0/20 -34.121.80.0/20 -34.121.96.0/20 -34.122.0.0/20 -34.122.112.0/20 -34.122.128.0/20 -34.122.144.0/20 -34.122.16.0/20 -34.122.160.0/20 -34.122.176.0/20 -34.122.192.0/20 -34.122.208.0/20 -34.122.224.0/20 -34.122.240.0/20 -34.122.32.0/20 -34.122.48.0/20 -34.122.64.0/20 -34.122.80.0/20 -34.122.96.0/20 -34.123.0.0/20 -34.123.112.0/20 -34.123.128.0/20 -34.123.144.0/20 -34.123.16.0/20 -34.123.160.0/20 -34.123.176.0/20 -34.123.192.0/20 -34.123.208.0/20 -34.123.224.0/20 -34.123.240.0/20 -34.123.32.0/20 -34.123.48.0/20 -34.123.64.0/20 -34.123.80.0/20 -34.123.96.0/20 -34.124.0.0/14 -34.124.112.0/20 -34.124.128.0/20 -34.124.144.0/20 -34.124.160.0/20 -34.124.176.0/20 -34.124.192.0/20 -34.124.208.0/20 -34.124.224.0/20 -34.124.240.0/20 -34.124.64.0/20 -34.124.80.0/23 -34.124.84.0/22 -34.124.88.0/23 -34.124.90.0/24 -34.124.91.0/24 -34.124.92.0/22 -34.124.96.0/21 -34.125.0.0/20 -34.125.112.0/20 -34.125.128.0/20 -34.125.144.0/20 -34.125.16.0/20 -34.125.160.0/20 -34.125.176.0/20 -34.125.192.0/20 -34.125.208.0/20 -34.125.224.0/20 -34.125.240.0/20 -34.125.32.0/20 -34.125.48.0/20 -34.125.64.0/20 -34.125.80.0/20 -34.125.96.0/20 -34.126.112.0/20 -34.126.128.0/20 -34.126.144.0/20 -34.126.160.0/20 -34.126.176.0/20 -34.126.192.0/20 -34.126.208.0/20 -34.126.240.0/21 -34.126.248.0/21 -34.126.64.0/20 -34.126.80.0/20 -34.126.96.0/20 -34.127.0.0/20 -34.127.112.0/20 -34.127.16.0/20 -34.127.192.0/18 -34.127.32.0/20 -34.127.48.0/20 -34.127.64.0/20 -34.127.80.0/20 -34.127.96.0/20 -34.128.0.0/13 -34.128.0.0/16 -34.128.0.0/17 -34.128.0.0/24 -34.128.128.0/17 -34.128.16.0/20 -34.128.192.0/20 -34.128.252.0/24 -34.128.64.0/19 -34.128.96.0/19 -34.129.0.0/16 -34.129.0.0/20 -34.129.112.0/20 -34.129.128.0/20 -34.129.144.0/20 -34.129.16.0/20 -34.129.160.0/20 -34.129.176.0/20 -34.129.192.0/20 -34.129.208.0/20 -34.129.224.0/20 -34.129.240.0/20 -34.129.32.0/20 -34.129.48.0/20 -34.129.64.0/20 -34.129.80.0/20 -34.129.96.0/20 -34.130.0.0/16 -34.130.0.0/20 -34.130.112.0/20 -34.130.128.0/20 -34.130.144.0/20 -34.130.16.0/20 -34.130.160.0/20 -34.130.176.0/20 -34.130.192.0/20 -34.130.208.0/20 -34.130.224.0/20 -34.130.240.0/20 -34.130.32.0/20 -34.130.48.0/20 -34.130.64.0/20 -34.130.80.0/20 -34.130.96.0/20 -34.131.0.0/16 -34.131.0.0/20 -34.131.112.0/20 -34.131.128.0/20 -34.131.144.0/20 -34.131.16.0/20 -34.131.160.0/20 -34.131.176.0/20 -34.131.192.0/20 -34.131.208.0/20 -34.131.224.0/20 -34.131.240.0/20 -34.131.32.0/20 -34.131.48.0/20 -34.131.64.0/20 -34.131.80.0/20 -34.131.96.0/20 -34.132.0.0/16 -34.132.0.0/20 -34.132.112.0/20 -34.132.128.0/20 -34.132.144.0/20 -34.132.16.0/20 -34.132.160.0/20 -34.132.176.0/20 -34.132.192.0/20 -34.132.208.0/20 -34.132.224.0/20 -34.132.240.0/20 -34.132.32.0/20 -34.132.48.0/20 -34.132.64.0/20 -34.132.80.0/20 -34.132.96.0/20 -34.133.0.0/16 -34.133.0.0/20 -34.133.112.0/20 -34.133.128.0/20 -34.133.144.0/20 -34.133.16.0/20 -34.133.160.0/20 -34.133.176.0/20 -34.133.192.0/20 -34.133.208.0/20 -34.133.224.0/20 -34.133.240.0/20 -34.133.32.0/20 -34.133.48.0/20 -34.133.64.0/20 -34.133.80.0/20 -34.133.96.0/20 -34.134.0.0/16 -34.134.0.0/20 -34.134.112.0/20 -34.134.128.0/20 -34.134.144.0/20 -34.134.16.0/20 -34.134.160.0/20 -34.134.176.0/20 -34.134.192.0/20 -34.134.208.0/20 -34.134.224.0/20 -34.134.240.0/20 -34.134.32.0/20 -34.134.48.0/20 -34.134.64.0/20 -34.134.80.0/20 -34.134.96.0/20 -34.135.0.0/16 -34.135.0.0/20 -34.135.112.0/20 -34.135.128.0/20 -34.135.144.0/20 -34.135.16.0/20 -34.135.160.0/20 -34.135.176.0/20 -34.135.192.0/20 -34.135.208.0/20 -34.135.224.0/20 -34.135.240.0/20 -34.135.32.0/20 -34.135.48.0/20 -34.135.64.0/20 -34.135.80.0/20 -34.135.96.0/20 -34.136.0.0/13 -34.136.0.0/16 -34.136.0.0/20 -34.136.112.0/20 -34.136.128.0/20 -34.136.144.0/20 -34.136.16.0/20 -34.136.160.0/20 -34.136.176.0/20 -34.136.192.0/20 -34.136.208.0/20 -34.136.224.0/20 -34.136.240.0/20 -34.136.32.0/20 -34.136.48.0/20 -34.136.64.0/20 -34.136.80.0/20 -34.136.96.0/20 -34.137.0.0/16 -34.137.0.0/17 -34.137.128.0/17 -34.138.0.0/16 -34.138.0.0/20 -34.138.112.0/20 -34.138.128.0/20 -34.138.144.0/20 -34.138.16.0/20 -34.138.160.0/20 -34.138.176.0/20 -34.138.192.0/20 -34.138.208.0/20 -34.138.224.0/20 -34.138.240.0/20 -34.138.32.0/20 -34.138.48.0/20 -34.138.64.0/20 -34.138.80.0/20 -34.138.96.0/20 -34.139.0.0/16 -34.139.0.0/20 -34.139.112.0/20 -34.139.128.0/20 -34.139.144.0/20 -34.139.16.0/20 -34.139.160.0/20 -34.139.176.0/20 -34.139.192.0/20 -34.139.208.0/20 -34.139.224.0/20 -34.139.240.0/20 -34.139.32.0/20 -34.139.48.0/20 -34.139.64.0/20 -34.139.80.0/20 -34.139.96.0/20 -34.140.0.0/16 -34.140.0.0/20 -34.140.112.0/20 -34.140.128.0/20 -34.140.144.0/20 -34.140.16.0/20 -34.140.160.0/20 -34.140.176.0/20 -34.140.192.0/20 -34.140.208.0/20 -34.140.224.0/20 -34.140.240.0/20 -34.140.32.0/20 -34.140.48.0/20 -34.140.64.0/20 -34.140.80.0/20 -34.140.96.0/20 -34.141.0.0/16 -34.141.0.0/20 -34.141.112.0/20 -34.141.128.0/20 -34.141.144.0/20 -34.141.16.0/20 -34.141.160.0/20 -34.141.176.0/20 -34.141.192.0/20 -34.141.208.0/20 -34.141.224.0/20 -34.141.240.0/20 -34.141.32.0/20 -34.141.48.0/20 -34.141.64.0/20 -34.141.80.0/20 -34.141.96.0/20 -34.142.0.0/16 -34.142.0.0/20 -34.142.112.0/20 -34.142.128.0/17 -34.142.16.0/20 -34.142.32.0/20 -34.142.48.0/20 -34.142.64.0/20 -34.142.80.0/20 -34.142.96.0/20 -34.143.0.0/16 -34.143.0.0/20 -34.143.112.0/20 -34.143.128.0/17 -34.143.16.0/20 -34.143.32.0/20 -34.143.48.0/20 -34.143.72.0/24 -34.143.73.0/24 -34.143.74.0/24 -34.143.75.0/24 -34.143.76.0/24 -34.143.77.0/24 -34.143.78.0/24 -34.143.79.0/24 -34.143.80.0/21 -34.143.96.0/20 -34.144.0.0/13 -34.144.0.0/14 -34.144.0.0/16 -34.144.112.0/20 -34.144.128.0/17 -34.144.16.0/20 -34.144.160.0/21 -34.144.32.0/20 -34.144.48.0/20 -34.144.64.0/20 -34.144.80.0/20 -34.144.96.0/20 -34.145.0.0/16 -34.145.0.0/20 -34.145.112.0/20 -34.145.128.0/20 -34.145.144.0/20 -34.145.16.0/20 -34.145.160.0/20 -34.145.176.0/20 -34.145.192.0/20 -34.145.208.0/20 -34.145.224.0/20 -34.145.240.0/20 -34.145.32.0/20 -34.145.48.0/20 -34.145.64.0/20 -34.145.80.0/20 -34.145.96.0/20 -34.146.0.0/16 -34.146.0.0/20 -34.146.112.0/20 -34.146.128.0/20 -34.146.144.0/20 -34.146.16.0/20 -34.146.160.0/20 -34.146.176.0/20 -34.146.192.0/20 -34.146.208.0/20 -34.146.224.0/20 -34.146.240.0/20 -34.146.32.0/20 -34.146.48.0/20 -34.146.64.0/20 -34.146.80.0/20 -34.146.96.0/20 -34.147.0.0/16 -34.147.0.0/20 -34.147.112.0/20 -34.147.128.0/20 -34.147.144.0/20 -34.147.16.0/20 -34.147.160.0/20 -34.147.176.0/20 -34.147.192.0/20 -34.147.208.0/20 -34.147.224.0/20 -34.147.240.0/20 -34.147.32.0/20 -34.147.48.0/20 -34.147.64.0/20 -34.147.80.0/20 -34.147.96.0/20 -34.148.0.0/14 -34.148.0.0/16 -34.148.0.0/20 -34.148.112.0/20 -34.148.128.0/20 -34.148.144.0/20 -34.148.16.0/20 -34.148.160.0/20 -34.148.176.0/20 -34.148.192.0/20 -34.148.208.0/20 -34.148.224.0/20 -34.148.240.0/20 -34.148.32.0/20 -34.148.48.0/20 -34.148.64.0/20 -34.148.80.0/20 -34.148.96.0/20 -34.150.0.0/16 -34.150.0.0/20 -34.150.112.0/20 -34.150.128.0/20 -34.150.144.0/20 -34.150.16.0/20 -34.150.160.0/20 -34.150.176.0/20 -34.150.192.0/20 -34.150.208.0/20 -34.150.224.0/20 -34.150.240.0/20 -34.150.32.0/20 -34.150.48.0/20 -34.150.64.0/20 -34.150.80.0/20 -34.150.96.0/20 -34.151.0.0/16 -34.151.0.0/20 -34.151.112.0/20 -34.151.128.0/20 -34.151.144.0/20 -34.151.16.0/20 -34.151.160.0/20 -34.151.176.0/20 -34.151.192.0/20 -34.151.208.0/20 -34.151.224.0/20 -34.151.240.0/20 -34.151.32.0/20 -34.151.48.0/20 -34.151.64.0/20 -34.151.80.0/20 -34.151.96.0/20 -34.152.0.0/13 -34.152.0.0/16 -34.152.0.0/20 -34.152.128.0/17 -34.152.16.0/20 -34.152.32.0/20 -34.152.48.0/20 -34.153.0.0/16 -34.153.0.0/17 -34.153.128.0/17 -34.154.0.0/16 -34.154.0.0/17 -34.154.128.0/17 -34.155.0.0/16 -34.155.0.0/17 -34.155.128.0/17 -34.156.0.0/16 -34.157.0.0/16 -34.158.0.0/16 -34.158.0.0/22 -34.158.252.0/22 -34.159.0.0/16 -34.159.0.0/17 -34.159.128.0/17 -34.16.0.0/12 -34.16.0.0/17 -34.16.128.0/17 -34.160.0.0/13 -34.160.0.0/14 -34.160.0.0/16 -34.161.0.0/16 -34.161.0.0/17 -34.161.128.0/17 -34.162.0.0/16 -34.162.0.0/18 -34.162.128.0/18 -34.162.192.0/18 -34.162.64.0/18 -34.163.0.0/16 -34.163.0.0/18 -34.163.128.0/18 -34.163.192.0/18 -34.163.64.0/18 -34.164.0.0/14 -34.164.0.0/16 -34.164.0.0/17 -34.164.128.0/17 -34.165.0.0/16 -34.165.0.0/17 -34.165.128.0/17 -34.166.0.0/16 -34.166.0.0/18 -34.166.128.0/18 -34.166.192.0/18 -34.166.64.0/18 -34.167.0.0/16 -34.168.0.0/13 -34.168.0.0/16 -34.168.0.0/17 -34.168.128.0/17 -34.169.0.0/16 -34.169.0.0/17 -34.169.128.0/17 -34.17.0.0/16 -34.170.0.0/16 -34.170.0.0/17 -34.170.128.0/17 -34.171.0.0/16 -34.171.0.0/17 -34.171.128.0/17 -34.172.0.0/16 -34.172.0.0/17 -34.172.128.0/17 -34.173.0.0/16 -34.173.0.0/17 -34.173.128.0/17 -34.174.0.0/16 -34.174.0.0/17 -34.174.128.0/17 -34.175.0.0/16 -34.175.0.0/17 -34.175.128.0/17 -34.176.0.0/13 -34.176.0.0/16 -34.176.0.0/20 -34.176.112.0/20 -34.176.128.0/20 -34.176.144.0/20 -34.176.16.0/20 -34.176.160.0/20 -34.176.176.0/20 -34.176.192.0/20 -34.176.208.0/20 -34.176.224.0/20 -34.176.240.0/20 -34.176.32.0/20 -34.176.48.0/20 -34.176.64.0/20 -34.176.80.0/20 -34.176.96.0/20 -34.177.0.0/16 -34.177.0.0/21 -34.177.124.0/22 -34.177.128.0/17 -34.177.16.0/21 -34.177.8.0/21 -34.178.0.0/16 -34.178.0.0/17 -34.178.128.0/17 -34.179.0.0/16 -34.18.0.0/16 -34.180.0.0/17 -34.181.0.0/16 -34.182.0.0/16 -34.183.0.0/16 -34.184.0.0/14 -34.184.0.0/16 -34.185.0.0/16 -34.186.0.0/16 -34.186.128.0/17 -34.187.0.0/16 -34.19.0.0/17 -34.19.128.0/17 -34.20.0.0/17 -34.20.128.0/17 -34.21.0.0/17 -34.21.128.0/17 -34.22.0.0/19 -34.22.112.0/20 -34.22.128.0/17 -34.22.32.0/19 -34.22.64.0/19 -34.22.96.0/20 -34.23.0.0/16 -34.24.0.0/16 -34.25.0.0/16 -34.26.0.0/16 -34.27.0.0/16 -34.28.0.0/16 -34.29.0.0/16 -34.3.0.0/23 -34.3.3.0/24 -34.3.4.0/24 -34.3.8.0/21 -34.30.0.0/16 -34.31.0.0/16 -34.32.0.0/11 -34.32.0.0/17 -34.32.128.0/17 -34.33.0.0/16 -34.34.0.0/17 -34.34.128.0/18 -34.34.192.0/24 -34.35.0.0/16 -34.37.0.0/16 -34.38.0.0/16 -34.39.0.0/17 -34.39.128.0/17 -34.4.0.0/22 -34.4.4.0/24 -34.4.5.0/24 -34.4.6.0/23 -34.4.8.0/21 -34.40.0.0/17 -34.40.128.0/17 -34.41.0.0/16 -34.42.0.0/16 -34.44.0.0/16 -34.45.0.0/16 -34.46.0.0/16 -34.47.0.0/18 -34.48.0.0/16 -34.64.0.0/11 -34.64.0.0/12 -34.64.0.0/14 -34.64.0.0/16 -34.64.112.0/20 -34.64.132.0/22 -34.64.136.0/21 -34.64.144.0/20 -34.64.160.0/20 -34.64.176.0/20 -34.64.192.0/20 -34.64.208.0/20 -34.64.224.0/20 -34.64.240.0/20 -34.64.32.0/19 -34.64.68.0/22 -34.64.72.0/21 -34.64.80.0/20 -34.64.96.0/20 -34.65.0.0/20 -34.65.112.0/20 -34.65.128.0/20 -34.65.144.0/20 -34.65.16.0/20 -34.65.160.0/20 -34.65.176.0/20 -34.65.192.0/20 -34.65.208.0/20 -34.65.224.0/20 -34.65.240.0/20 -34.65.32.0/20 -34.65.48.0/20 -34.65.64.0/20 -34.65.80.0/20 -34.65.96.0/20 -34.66.0.0/20 -34.66.112.0/20 -34.66.128.0/20 -34.66.144.0/20 -34.66.16.0/20 -34.66.160.0/20 -34.66.176.0/20 -34.66.192.0/20 -34.66.208.0/20 -34.66.224.0/20 -34.66.240.0/20 -34.66.32.0/20 -34.66.48.0/20 -34.66.64.0/20 -34.66.80.0/20 -34.66.96.0/20 -34.67.0.0/20 -34.67.112.0/20 -34.67.128.0/20 -34.67.144.0/20 -34.67.16.0/20 -34.67.160.0/20 -34.67.176.0/20 -34.67.192.0/20 -34.67.208.0/20 -34.67.224.0/20 -34.67.240.0/20 -34.67.32.0/20 -34.67.48.0/20 -34.67.64.0/20 -34.67.80.0/20 -34.67.96.0/20 -34.68.0.0/14 -34.68.0.0/20 -34.68.112.0/20 -34.68.128.0/20 -34.68.144.0/20 -34.68.16.0/20 -34.68.160.0/20 -34.68.176.0/20 -34.68.192.0/20 -34.68.208.0/20 -34.68.224.0/20 -34.68.240.0/20 -34.68.32.0/20 -34.68.48.0/20 -34.68.64.0/20 -34.68.80.0/20 -34.68.96.0/20 -34.69.0.0/20 -34.69.112.0/20 -34.69.128.0/20 -34.69.144.0/20 -34.69.16.0/20 -34.69.160.0/20 -34.69.176.0/20 -34.69.192.0/20 -34.69.208.0/20 -34.69.224.0/20 -34.69.240.0/20 -34.69.32.0/20 -34.69.48.0/20 -34.69.64.0/20 -34.69.80.0/20 -34.69.96.0/20 -34.70.0.0/20 -34.70.112.0/20 -34.70.128.0/20 -34.70.144.0/20 -34.70.16.0/20 -34.70.160.0/20 -34.70.176.0/20 -34.70.192.0/20 -34.70.208.0/20 -34.70.224.0/20 -34.70.240.0/20 -34.70.32.0/20 -34.70.48.0/20 -34.70.64.0/20 -34.70.80.0/20 -34.70.96.0/20 -34.71.0.0/20 -34.71.112.0/20 -34.71.128.0/20 -34.71.144.0/20 -34.71.16.0/20 -34.71.160.0/20 -34.71.176.0/20 -34.71.192.0/20 -34.71.208.0/20 -34.71.224.0/20 -34.71.240.0/20 -34.71.32.0/20 -34.71.48.0/20 -34.71.64.0/20 -34.71.80.0/20 -34.71.96.0/20 -34.72.0.0/14 -34.72.0.0/20 -34.72.112.0/20 -34.72.128.0/20 -34.72.144.0/20 -34.72.16.0/20 -34.72.160.0/20 -34.72.176.0/20 -34.72.192.0/20 -34.72.208.0/20 -34.72.224.0/20 -34.72.240.0/20 -34.72.32.0/20 -34.72.48.0/20 -34.72.64.0/20 -34.72.80.0/20 -34.72.96.0/20 -34.73.0.0/20 -34.73.112.0/20 -34.73.128.0/20 -34.73.144.0/20 -34.73.16.0/20 -34.73.160.0/20 -34.73.176.0/20 -34.73.192.0/20 -34.73.208.0/20 -34.73.224.0/20 -34.73.240.0/20 -34.73.32.0/20 -34.73.48.0/20 -34.73.64.0/20 -34.73.80.0/20 -34.73.96.0/20 -34.74.0.0/20 -34.74.112.0/20 -34.74.128.0/20 -34.74.144.0/20 -34.74.16.0/20 -34.74.160.0/20 -34.74.176.0/20 -34.74.192.0/20 -34.74.208.0/20 -34.74.224.0/20 -34.74.240.0/20 -34.74.32.0/20 -34.74.48.0/20 -34.74.64.0/20 -34.74.80.0/20 -34.74.96.0/20 -34.75.0.0/20 -34.75.112.0/20 -34.75.128.0/20 -34.75.144.0/20 -34.75.16.0/20 -34.75.160.0/20 -34.75.176.0/20 -34.75.192.0/20 -34.75.208.0/20 -34.75.224.0/20 -34.75.240.0/20 -34.75.32.0/20 -34.75.48.0/20 -34.75.64.0/20 -34.75.80.0/20 -34.75.96.0/20 -34.76.0.0/14 -34.76.0.0/20 -34.76.112.0/20 -34.76.128.0/20 -34.76.144.0/20 -34.76.16.0/20 -34.76.160.0/20 -34.76.176.0/20 -34.76.192.0/20 -34.76.208.0/20 -34.76.224.0/20 -34.76.240.0/20 -34.76.32.0/20 -34.76.48.0/20 -34.76.64.0/20 -34.76.80.0/20 -34.76.96.0/20 -34.77.0.0/20 -34.77.112.0/20 -34.77.128.0/20 -34.77.144.0/20 -34.77.16.0/20 -34.77.160.0/20 -34.77.176.0/20 -34.77.192.0/20 -34.77.208.0/20 -34.77.224.0/20 -34.77.240.0/20 -34.77.32.0/20 -34.77.48.0/20 -34.77.64.0/20 -34.77.80.0/20 -34.77.96.0/20 -34.78.0.0/20 -34.78.112.0/20 -34.78.128.0/20 -34.78.144.0/20 -34.78.16.0/20 -34.78.160.0/20 -34.78.176.0/20 -34.78.192.0/20 -34.78.208.0/20 -34.78.224.0/20 -34.78.240.0/20 -34.78.32.0/20 -34.78.48.0/20 -34.78.64.0/20 -34.78.80.0/20 -34.78.96.0/20 -34.79.0.0/20 -34.79.112.0/20 -34.79.128.0/20 -34.79.144.0/20 -34.79.16.0/20 -34.79.160.0/20 -34.79.176.0/20 -34.79.192.0/20 -34.79.208.0/20 -34.79.224.0/20 -34.79.240.0/20 -34.79.32.0/20 -34.79.48.0/20 -34.79.64.0/20 -34.79.80.0/20 -34.79.96.0/20 -34.8.0.0/13 -34.80.0.0/12 -34.80.0.0/14 -34.80.0.0/20 -34.80.112.0/20 -34.80.128.0/20 -34.80.144.0/20 -34.80.16.0/20 -34.80.160.0/20 -34.80.176.0/20 -34.80.192.0/20 -34.80.208.0/20 -34.80.224.0/20 -34.80.240.0/20 -34.80.32.0/20 -34.80.48.0/20 -34.80.64.0/20 -34.80.80.0/20 -34.80.96.0/20 -34.81.0.0/20 -34.81.112.0/20 -34.81.128.0/20 -34.81.144.0/20 -34.81.16.0/20 -34.81.160.0/20 -34.81.176.0/20 -34.81.192.0/20 -34.81.208.0/20 -34.81.224.0/20 -34.81.240.0/20 -34.81.32.0/20 -34.81.48.0/20 -34.81.64.0/20 -34.81.80.0/20 -34.81.96.0/20 -34.82.0.0/20 -34.82.112.0/20 -34.82.128.0/20 -34.82.144.0/20 -34.82.16.0/20 -34.82.160.0/20 -34.82.176.0/20 -34.82.192.0/20 -34.82.208.0/20 -34.82.224.0/20 -34.82.240.0/20 -34.82.32.0/20 -34.82.48.0/20 -34.82.64.0/20 -34.82.80.0/20 -34.82.96.0/20 -34.83.0.0/20 -34.83.112.0/20 -34.83.128.0/20 -34.83.144.0/20 -34.83.16.0/20 -34.83.160.0/20 -34.83.176.0/20 -34.83.192.0/20 -34.83.208.0/20 -34.83.224.0/20 -34.83.240.0/20 -34.83.32.0/20 -34.83.48.0/20 -34.83.64.0/20 -34.83.80.0/20 -34.83.96.0/20 -34.84.0.0/14 -34.84.0.0/20 -34.84.112.0/20 -34.84.128.0/20 -34.84.144.0/20 -34.84.16.0/20 -34.84.160.0/20 -34.84.176.0/20 -34.84.192.0/20 -34.84.208.0/20 -34.84.224.0/20 -34.84.240.0/20 -34.84.32.0/20 -34.84.48.0/20 -34.84.64.0/20 -34.84.80.0/20 -34.84.96.0/20 -34.85.0.0/20 -34.85.112.0/20 -34.85.128.0/20 -34.85.144.0/20 -34.85.16.0/20 -34.85.160.0/20 -34.85.176.0/20 -34.85.192.0/20 -34.85.208.0/20 -34.85.224.0/20 -34.85.240.0/20 -34.85.32.0/20 -34.85.48.0/20 -34.85.64.0/20 -34.85.80.0/20 -34.85.96.0/20 -34.86.0.0/20 -34.86.112.0/20 -34.86.128.0/20 -34.86.144.0/20 -34.86.16.0/20 -34.86.160.0/20 -34.86.176.0/20 -34.86.192.0/20 -34.86.208.0/20 -34.86.224.0/20 -34.86.240.0/20 -34.86.32.0/20 -34.86.48.0/20 -34.86.64.0/20 -34.86.80.0/20 -34.86.96.0/20 -34.87.0.0/20 -34.87.112.0/20 -34.87.128.0/20 -34.87.144.0/20 -34.87.16.0/20 -34.87.160.0/20 -34.87.176.0/20 -34.87.192.0/20 -34.87.208.0/20 -34.87.224.0/20 -34.87.240.0/20 -34.87.32.0/20 -34.87.48.0/20 -34.87.64.0/20 -34.87.80.0/20 -34.87.96.0/20 -34.88.0.0/14 -34.88.0.0/20 -34.88.112.0/20 -34.88.128.0/20 -34.88.144.0/20 -34.88.16.0/20 -34.88.160.0/20 -34.88.176.0/20 -34.88.192.0/20 -34.88.208.0/20 -34.88.224.0/20 -34.88.240.0/20 -34.88.32.0/20 -34.88.48.0/20 -34.88.64.0/20 -34.88.80.0/20 -34.88.96.0/20 -34.89.0.0/20 -34.89.112.0/20 -34.89.128.0/20 -34.89.144.0/20 -34.89.16.0/20 -34.89.160.0/20 -34.89.176.0/20 -34.89.192.0/20 -34.89.208.0/20 -34.89.224.0/20 -34.89.240.0/20 -34.89.32.0/20 -34.89.48.0/20 -34.89.64.0/20 -34.89.80.0/20 -34.89.96.0/20 -34.90.0.0/20 -34.90.112.0/20 -34.90.128.0/20 -34.90.144.0/20 -34.90.16.0/20 -34.90.160.0/20 -34.90.176.0/20 -34.90.192.0/20 -34.90.208.0/20 -34.90.224.0/20 -34.90.240.0/20 -34.90.32.0/20 -34.90.48.0/20 -34.90.64.0/20 -34.90.80.0/20 -34.90.96.0/20 -34.91.0.0/20 -34.91.112.0/20 -34.91.128.0/20 -34.91.144.0/20 -34.91.16.0/20 -34.91.160.0/20 -34.91.176.0/20 -34.91.192.0/20 -34.91.208.0/20 -34.91.224.0/20 -34.91.240.0/20 -34.91.32.0/20 -34.91.48.0/20 -34.91.64.0/20 -34.91.80.0/20 -34.91.96.0/20 -34.92.0.0/14 -34.92.0.0/16 -34.93.0.0/20 -34.93.112.0/20 -34.93.128.0/20 -34.93.144.0/20 -34.93.16.0/20 -34.93.160.0/20 -34.93.176.0/20 -34.93.192.0/20 -34.93.208.0/20 -34.93.224.0/20 -34.93.240.0/20 -34.93.32.0/20 -34.93.48.0/20 -34.93.64.0/20 -34.93.80.0/20 -34.93.96.0/20 -34.94.0.0/20 -34.94.112.0/20 -34.94.128.0/20 -34.94.144.0/20 -34.94.16.0/20 -34.94.160.0/20 -34.94.176.0/20 -34.94.192.0/20 -34.94.208.0/20 -34.94.224.0/20 -34.94.240.0/20 -34.94.32.0/20 -34.94.48.0/20 -34.94.64.0/20 -34.94.80.0/20 -34.94.96.0/20 -34.95.0.0/20 -34.95.128.0/20 -34.95.144.0/20 -34.95.16.0/20 -34.95.160.0/20 -34.95.176.0/20 -34.95.192.0/20 -34.95.208.0/20 -34.95.224.0/20 -34.95.240.0/20 -34.95.32.0/20 -34.95.48.0/20 -34.96.0.0/12 -34.96.0.0/14 -34.96.0.0/20 -34.96.128.0/20 -34.96.144.0/20 -34.96.16.0/20 -34.96.160.0/20 -34.96.176.0/20 -34.96.192.0/20 -34.96.208.0/20 -34.96.224.0/20 -34.96.240.0/20 -34.97.0.0/20 -34.97.112.0/20 -34.97.128.0/20 -34.97.144.0/20 -34.97.16.0/20 -34.97.160.0/20 -34.97.176.0/20 -34.97.192.0/20 -34.97.208.0/20 -34.97.224.0/20 -34.97.240.0/20 -34.97.32.0/20 -34.97.48.0/20 -34.97.64.0/20 -34.97.80.0/20 -34.97.96.0/20 -34.98.0.0/20 -34.98.128.0/21 -34.98.152.0/22 -34.98.156.0/22 -34.98.16.0/20 -34.98.160.0/20 -34.98.176.0/20 -34.98.192.0/20 -34.98.208.0/20 -34.98.224.0/20 -34.98.240.0/20 -34.98.32.0/20 -34.98.48.0/20 -34.99.0.0/20 -34.99.112.0/20 -34.99.128.0/20 -34.99.144.0/20 -34.99.16.0/20 -34.99.160.0/20 -34.99.176.0/20 -34.99.192.0/20 -34.99.208.0/20 -34.99.224.0/20 -34.99.240.0/20 -34.99.32.0/20 -34.99.48.0/20 -34.99.64.0/20 -34.99.80.0/21 -34.99.88.0/21 -34.99.96.0/20 -35.184.0.0/13 -35.184.0.0/19 -35.184.0.0/20 -35.184.112.0/20 -35.184.128.0/19 -35.184.128.0/20 -35.184.144.0/20 -35.184.16.0/20 -35.184.160.0/19 -35.184.160.0/20 -35.184.176.0/20 -35.184.192.0/19 -35.184.192.0/20 -35.184.208.0/20 -35.184.224.0/19 -35.184.224.0/20 -35.184.240.0/20 -35.184.32.0/19 -35.184.32.0/20 -35.184.48.0/20 -35.184.64.0/19 -35.184.64.0/20 -35.184.80.0/20 -35.184.96.0/19 -35.184.96.0/20 -35.185.0.0/19 -35.185.0.0/20 -35.185.112.0/20 -35.185.128.0/19 -35.185.128.0/20 -35.185.144.0/20 -35.185.16.0/20 -35.185.160.0/19 -35.185.160.0/20 -35.185.176.0/20 -35.185.192.0/19 -35.185.192.0/20 -35.185.208.0/20 -35.185.224.0/19 -35.185.224.0/20 -35.185.240.0/20 -35.185.32.0/19 -35.185.32.0/20 -35.185.48.0/20 -35.185.64.0/19 -35.185.64.0/20 -35.185.80.0/20 -35.185.96.0/19 -35.185.96.0/20 -35.186.0.0/16 -35.186.0.0/19 -35.186.0.0/20 -35.186.112.0/20 -35.186.128.0/19 -35.186.128.0/20 -35.186.144.0/20 -35.186.16.0/20 -35.186.160.0/19 -35.186.160.0/20 -35.186.176.0/20 -35.186.32.0/19 -35.186.32.0/20 -35.186.48.0/20 -35.186.64.0/19 -35.186.64.0/20 -35.186.80.0/20 -35.186.96.0/19 -35.186.96.0/20 -35.187.0.0/19 -35.187.0.0/20 -35.187.112.0/20 -35.187.128.0/19 -35.187.144.0/20 -35.187.16.0/20 -35.187.160.0/19 -35.187.160.0/20 -35.187.176.0/20 -35.187.192.0/19 -35.187.192.0/20 -35.187.208.0/20 -35.187.224.0/19 -35.187.224.0/20 -35.187.240.0/20 -35.187.32.0/19 -35.187.32.0/20 -35.187.48.0/20 -35.187.64.0/19 -35.187.64.0/20 -35.187.80.0/20 -35.187.96.0/19 -35.187.96.0/20 -35.188.0.0/19 -35.188.0.0/20 -35.188.112.0/20 -35.188.128.0/19 -35.188.128.0/20 -35.188.144.0/20 -35.188.16.0/20 -35.188.160.0/19 -35.188.160.0/20 -35.188.176.0/20 -35.188.192.0/19 -35.188.192.0/20 -35.188.208.0/20 -35.188.224.0/19 -35.188.224.0/20 -35.188.240.0/20 -35.188.32.0/19 -35.188.32.0/20 -35.188.48.0/20 -35.188.64.0/19 -35.188.64.0/20 -35.188.80.0/20 -35.188.96.0/19 -35.188.96.0/20 -35.189.0.0/19 -35.189.0.0/20 -35.189.112.0/20 -35.189.128.0/19 -35.189.128.0/20 -35.189.144.0/20 -35.189.16.0/20 -35.189.160.0/19 -35.189.160.0/20 -35.189.176.0/20 -35.189.192.0/19 -35.189.192.0/20 -35.189.208.0/20 -35.189.224.0/19 -35.189.224.0/20 -35.189.240.0/20 -35.189.32.0/19 -35.189.32.0/20 -35.189.48.0/20 -35.189.64.0/19 -35.189.64.0/20 -35.189.80.0/20 -35.189.96.0/19 -35.189.96.0/20 -35.190.0.0/16 -35.190.128.0/19 -35.190.128.0/20 -35.190.144.0/20 -35.190.160.0/19 -35.190.160.0/20 -35.190.176.0/20 -35.190.192.0/19 -35.190.192.0/20 -35.190.208.0/20 -35.190.224.0/19 -35.190.224.0/20 -35.190.240.0/23 -35.190.242.0/23 -35.190.244.0/23 -35.190.246.0/23 -35.192.0.0/14 -35.192.0.0/20 -35.192.112.0/20 -35.192.128.0/20 -35.192.144.0/20 -35.192.16.0/20 -35.192.160.0/20 -35.192.176.0/20 -35.192.192.0/20 -35.192.208.0/20 -35.192.224.0/20 -35.192.240.0/20 -35.192.32.0/20 -35.192.48.0/20 -35.192.64.0/20 -35.192.80.0/20 -35.192.96.0/20 -35.193.0.0/20 -35.193.112.0/20 -35.193.128.0/20 -35.193.144.0/20 -35.193.16.0/20 -35.193.160.0/20 -35.193.176.0/20 -35.193.192.0/20 -35.193.208.0/20 -35.193.224.0/20 -35.193.240.0/20 -35.193.32.0/20 -35.193.48.0/20 -35.193.64.0/20 -35.193.80.0/20 -35.193.96.0/20 -35.194.0.0/20 -35.194.112.0/20 -35.194.128.0/20 -35.194.144.0/20 -35.194.16.0/20 -35.194.160.0/20 -35.194.176.0/20 -35.194.192.0/20 -35.194.208.0/20 -35.194.224.0/20 -35.194.240.0/20 -35.194.32.0/20 -35.194.48.0/20 -35.194.64.0/20 -35.194.80.0/20 -35.194.96.0/20 -35.195.0.0/20 -35.195.112.0/20 -35.195.128.0/20 -35.195.144.0/20 -35.195.16.0/20 -35.195.160.0/20 -35.195.176.0/20 -35.195.192.0/20 -35.195.208.0/20 -35.195.224.0/20 -35.195.240.0/20 -35.195.32.0/20 -35.195.48.0/20 -35.195.64.0/20 -35.195.80.0/20 -35.195.96.0/20 -35.196.0.0/15 -35.196.0.0/20 -35.196.112.0/20 -35.196.128.0/20 -35.196.144.0/20 -35.196.16.0/20 -35.196.160.0/20 -35.196.176.0/20 -35.196.192.0/20 -35.196.208.0/20 -35.196.224.0/20 -35.196.240.0/20 -35.196.32.0/20 -35.196.48.0/20 -35.196.64.0/20 -35.196.80.0/20 -35.196.96.0/20 -35.197.0.0/20 -35.197.112.0/20 -35.197.128.0/20 -35.197.144.0/20 -35.197.16.0/20 -35.197.160.0/20 -35.197.176.0/20 -35.197.192.0/20 -35.197.208.0/20 -35.197.224.0/20 -35.197.240.0/20 -35.197.32.0/20 -35.197.48.0/20 -35.197.64.0/20 -35.197.80.0/20 -35.197.96.0/20 -35.198.0.0/16 -35.198.0.0/20 -35.198.112.0/20 -35.198.128.0/20 -35.198.144.0/20 -35.198.16.0/20 -35.198.160.0/20 -35.198.176.0/20 -35.198.192.0/20 -35.198.208.0/20 -35.198.224.0/20 -35.198.240.0/20 -35.198.32.0/20 -35.198.48.0/20 -35.198.64.0/20 -35.198.80.0/20 -35.198.96.0/20 -35.199.0.0/17 -35.199.0.0/20 -35.199.112.0/20 -35.199.128.0/18 -35.199.128.0/20 -35.199.144.0/20 -35.199.16.0/20 -35.199.160.0/20 -35.199.176.0/20 -35.199.32.0/20 -35.199.48.0/20 -35.199.64.0/20 -35.199.80.0/20 -35.199.96.0/20 -35.200.0.0/14 -35.200.0.0/15 -35.200.0.0/20 -35.200.112.0/20 -35.200.128.0/20 -35.200.144.0/20 -35.200.16.0/20 -35.200.160.0/20 -35.200.176.0/20 -35.200.192.0/20 -35.200.208.0/20 -35.200.224.0/20 -35.200.240.0/20 -35.200.32.0/20 -35.200.48.0/20 -35.200.64.0/20 -35.200.80.0/20 -35.200.96.0/20 -35.201.0.0/20 -35.201.128.0/20 -35.201.144.0/20 -35.201.16.0/20 -35.201.160.0/20 -35.201.176.0/20 -35.201.192.0/20 -35.201.208.0/20 -35.201.224.0/20 -35.201.240.0/20 -35.201.32.0/24 -35.201.33.0/24 -35.201.34.0/24 -35.201.35.0/24 -35.201.36.0/24 -35.201.37.0/24 -35.201.38.0/24 -35.201.39.0/24 -35.201.40.0/24 -35.201.41.0/24 -35.201.42.0/24 -35.201.43.0/24 -35.201.44.0/24 -35.201.45.0/24 -35.201.46.0/24 -35.201.47.0/24 -35.202.0.0/15 -35.202.0.0/20 -35.202.112.0/20 -35.202.128.0/20 -35.202.144.0/20 -35.202.16.0/20 -35.202.160.0/20 -35.202.176.0/20 -35.202.192.0/20 -35.202.208.0/20 -35.202.224.0/20 -35.202.240.0/20 -35.202.32.0/20 -35.202.48.0/20 -35.202.64.0/20 -35.202.80.0/20 -35.202.96.0/20 -35.203.0.0/20 -35.203.112.0/20 -35.203.128.0/20 -35.203.144.0/20 -35.203.16.0/20 -35.203.160.0/20 -35.203.176.0/20 -35.203.192.0/20 -35.203.208.0/24 -35.203.209.0/24 -35.203.210.0/24 -35.203.211.0/24 -35.203.212.0/24 -35.203.213.0/24 -35.203.214.0/24 -35.203.215.0/24 -35.203.216.0/24 -35.203.217.0/24 -35.203.218.0/24 -35.203.219.0/24 -35.203.220.0/24 -35.203.221.0/24 -35.203.222.0/24 -35.203.223.0/24 -35.203.224.0/23 -35.203.224.0/24 -35.203.225.0/24 -35.203.226.0/23 -35.203.228.0/23 -35.203.230.0/24 -35.203.232.0/21 -35.203.32.0/20 -35.203.48.0/20 -35.203.64.0/20 -35.203.80.0/20 -35.203.96.0/20 -35.204.0.0/15 -35.204.0.0/20 -35.204.112.0/20 -35.204.128.0/20 -35.204.144.0/20 -35.204.16.0/20 -35.204.160.0/20 -35.204.176.0/20 -35.204.192.0/20 -35.204.208.0/20 -35.204.224.0/20 -35.204.240.0/20 -35.204.32.0/20 -35.204.48.0/20 -35.204.64.0/20 -35.204.80.0/20 -35.204.96.0/20 -35.205.0.0/20 -35.205.112.0/20 -35.205.128.0/20 -35.205.144.0/20 -35.205.16.0/20 -35.205.160.0/20 -35.205.176.0/20 -35.205.192.0/20 -35.205.208.0/20 -35.205.224.0/20 -35.205.240.0/20 -35.205.32.0/20 -35.205.48.0/20 -35.205.64.0/20 -35.205.80.0/20 -35.205.96.0/20 -35.206.0.0/24 -35.206.1.0/24 -35.206.128.0/18 -35.206.192.0/18 -35.206.2.0/24 -35.206.3.0/24 -35.206.32.0/19 -35.206.4.0/24 -35.206.5.0/24 -35.206.6.0/24 -35.206.64.0/18 -35.206.9.0/24 -35.207.0.0/18 -35.207.128.0/18 -35.207.64.0/18 -35.208.0.0/15 -35.210.0.0/16 -35.211.0.0/16 -35.212.0.0/17 -35.212.128.0/17 -35.213.0.0/17 -35.213.128.0/18 -35.213.192.0/18 -35.214.0.0/17 -35.214.128.0/17 -35.215.0.0/18 -35.215.128.0/18 -35.215.192.0/18 -35.215.64.0/18 -35.216.0.0/17 -35.216.128.0/17 -35.217.0.0/18 -35.217.128.0/17 -35.217.64.0/18 -35.219.0.0/17 -35.219.128.0/18 -35.219.224.0/19 -35.220.0.0/14 -35.220.128.0/20 -35.220.144.0/20 -35.220.160.0/20 -35.220.176.0/20 -35.220.192.0/20 -35.220.208.0/20 -35.220.224.0/20 -35.220.240.0/20 -35.221.0.0/20 -35.221.112.0/20 -35.221.128.0/20 -35.221.144.0/20 -35.221.16.0/20 -35.221.160.0/20 -35.221.176.0/20 -35.221.192.0/20 -35.221.208.0/20 -35.221.224.0/20 -35.221.240.0/20 -35.221.32.0/20 -35.221.48.0/20 -35.221.64.0/20 -35.221.80.0/20 -35.221.96.0/20 -35.222.0.0/21 -35.222.104.0/21 -35.222.112.0/21 -35.222.120.0/21 -35.222.128.0/21 -35.222.136.0/21 -35.222.144.0/21 -35.222.152.0/21 -35.222.16.0/21 -35.222.160.0/21 -35.222.168.0/21 -35.222.176.0/21 -35.222.184.0/21 -35.222.192.0/21 -35.222.200.0/21 -35.222.208.0/21 -35.222.216.0/21 -35.222.224.0/21 -35.222.232.0/21 -35.222.24.0/21 -35.222.240.0/21 -35.222.248.0/21 -35.222.32.0/21 -35.222.40.0/21 -35.222.48.0/21 -35.222.56.0/21 -35.222.64.0/21 -35.222.72.0/21 -35.222.8.0/21 -35.222.80.0/21 -35.222.88.0/21 -35.222.96.0/21 -35.223.0.0/20 -35.223.112.0/20 -35.223.128.0/20 -35.223.144.0/20 -35.223.16.0/20 -35.223.160.0/20 -35.223.176.0/20 -35.223.192.0/20 -35.223.208.0/20 -35.223.224.0/20 -35.223.240.0/20 -35.223.32.0/20 -35.223.48.0/20 -35.223.64.0/20 -35.223.80.0/20 -35.223.96.0/20 -35.224.0.0/14 -35.224.0.0/20 -35.224.112.0/20 -35.224.128.0/20 -35.224.144.0/20 -35.224.16.0/20 -35.224.160.0/20 -35.224.176.0/20 -35.224.192.0/20 -35.224.208.0/20 -35.224.224.0/20 -35.224.240.0/20 -35.224.32.0/20 -35.224.48.0/20 -35.224.64.0/20 -35.224.80.0/20 -35.224.96.0/20 -35.225.0.0/20 -35.225.112.0/20 -35.225.128.0/20 -35.225.144.0/20 -35.225.16.0/20 -35.225.160.0/20 -35.225.176.0/20 -35.225.192.0/20 -35.225.208.0/20 -35.225.224.0/20 -35.225.240.0/20 -35.225.32.0/20 -35.225.48.0/20 -35.225.64.0/20 -35.225.80.0/20 -35.225.96.0/20 -35.226.0.0/20 -35.226.112.0/20 -35.226.128.0/20 -35.226.144.0/20 -35.226.16.0/20 -35.226.160.0/20 -35.226.176.0/20 -35.226.192.0/20 -35.226.208.0/20 -35.226.224.0/20 -35.226.240.0/20 -35.226.32.0/20 -35.226.48.0/20 -35.226.64.0/20 -35.226.80.0/20 -35.226.96.0/20 -35.227.0.0/16 -35.227.0.0/20 -35.227.112.0/20 -35.227.128.0/20 -35.227.144.0/20 -35.227.16.0/20 -35.227.160.0/20 -35.227.176.0/20 -35.227.32.0/20 -35.227.48.0/20 -35.227.64.0/20 -35.227.80.0/20 -35.227.96.0/20 -35.228.0.0/14 -35.228.0.0/20 -35.228.112.0/20 -35.228.128.0/20 -35.228.144.0/20 -35.228.16.0/20 -35.228.160.0/20 -35.228.176.0/20 -35.228.192.0/20 -35.228.208.0/20 -35.228.224.0/20 -35.228.240.0/20 -35.228.32.0/20 -35.228.48.0/20 -35.228.64.0/20 -35.228.80.0/20 -35.228.96.0/20 -35.229.0.0/20 -35.229.112.0/20 -35.229.128.0/17 -35.229.16.0/20 -35.229.32.0/20 -35.229.48.0/20 -35.229.64.0/20 -35.229.80.0/20 -35.229.96.0/20 -35.230.0.0/16 -35.230.0.0/17 -35.230.128.0/19 -35.230.160.0/19 -35.230.196.0/22 -35.230.200.0/22 -35.230.204.0/24 -35.230.205.0/24 -35.230.206.0/24 -35.230.207.0/24 -35.230.208.0/22 -35.230.212.0/22 -35.230.216.0/21 -35.230.224.0/21 -35.230.240.0/20 -35.231.0.0/17 -35.231.128.0/17 -35.232.0.0/14 -35.232.0.0/16 -35.233.0.0/17 -35.233.128.0/17 -35.234.0.0/18 -35.234.128.0/19 -35.234.160.0/20 -35.234.176.0/20 -35.234.192.0/20 -35.234.208.0/20 -35.234.224.0/20 -35.234.240.0/20 -35.234.64.0/18 -35.235.0.0/16 -35.235.0.0/20 -35.235.128.0/20 -35.235.144.0/20 -35.235.16.0/20 -35.235.162.0/24 -35.235.163.0/24 -35.235.192.0/21 -35.235.200.0/21 -35.235.208.0/22 -35.235.216.0/21 -35.235.224.0/23 -35.235.226.0/23 -35.235.228.0/23 -35.235.230.0/23 -35.235.32.0/20 -35.235.48.0/20 -35.235.64.0/18 -35.236.0.0/14 -35.236.0.0/17 -35.236.128.0/20 -35.236.144.0/20 -35.236.160.0/20 -35.236.176.0/20 -35.236.192.0/20 -35.236.208.0/20 -35.236.224.0/20 -35.236.240.0/20 -35.237.0.0/16 -35.238.0.0/20 -35.238.112.0/20 -35.238.128.0/20 -35.238.144.0/20 -35.238.16.0/20 -35.238.160.0/20 -35.238.176.0/20 -35.238.192.0/20 -35.238.208.0/20 -35.238.224.0/20 -35.238.240.0/20 -35.238.32.0/20 -35.238.48.0/20 -35.238.64.0/20 -35.238.80.0/20 -35.238.96.0/20 -35.239.0.0/20 -35.239.112.0/20 -35.239.128.0/20 -35.239.144.0/20 -35.239.16.0/20 -35.239.160.0/20 -35.239.176.0/20 -35.239.192.0/20 -35.239.208.0/20 -35.239.224.0/20 -35.239.240.0/20 -35.239.32.0/20 -35.239.48.0/20 -35.239.64.0/20 -35.239.80.0/20 -35.239.96.0/20 -35.240.0.0/14 -35.240.0.0/20 -35.240.112.0/20 -35.240.128.0/20 -35.240.144.0/20 -35.240.16.0/20 -35.240.160.0/20 -35.240.176.0/20 -35.240.192.0/20 -35.240.208.0/20 -35.240.224.0/20 -35.240.240.0/20 -35.240.32.0/20 -35.240.48.0/20 -35.240.64.0/20 -35.240.80.0/20 -35.240.96.0/20 -35.241.0.0/16 -35.241.112.0/20 -35.241.128.0/20 -35.241.144.0/20 -35.241.160.0/20 -35.241.176.0/20 -35.241.192.0/20 -35.241.208.0/20 -35.241.224.0/20 -35.241.240.0/20 -35.241.64.0/20 -35.241.80.0/20 -35.241.96.0/20 -35.242.128.0/20 -35.242.144.0/20 -35.242.160.0/20 -35.242.176.0/20 -35.242.192.0/20 -35.242.208.0/20 -35.242.224.0/20 -35.242.240.0/20 -35.243.0.0/21 -35.243.112.0/20 -35.243.128.0/20 -35.243.144.0/20 -35.243.160.0/20 -35.243.176.0/20 -35.243.192.0/20 -35.243.208.0/20 -35.243.224.0/20 -35.243.240.0/20 -35.243.32.0/21 -35.243.40.0/21 -35.243.48.0/21 -35.243.56.0/21 -35.243.64.0/20 -35.243.8.0/21 -35.243.80.0/20 -35.243.96.0/20 -35.244.0.0/14 -35.244.0.0/16 -35.244.0.0/20 -35.244.112.0/20 -35.244.16.0/20 -35.244.32.0/20 -35.244.48.0/20 -35.244.64.0/20 -35.244.80.0/20 -35.244.96.0/20 -35.245.0.0/20 -35.245.112.0/20 -35.245.128.0/20 -35.245.144.0/20 -35.245.16.0/20 -35.245.160.0/20 -35.245.176.0/20 -35.245.192.0/20 -35.245.208.0/20 -35.245.224.0/20 -35.245.240.0/20 -35.245.32.0/20 -35.245.48.0/20 -35.245.64.0/20 -35.245.80.0/20 -35.245.96.0/20 -35.246.0.0/20 -35.246.112.0/20 -35.246.128.0/20 -35.246.144.0/20 -35.246.16.0/20 -35.246.160.0/20 -35.246.176.0/20 -35.246.192.0/20 -35.246.208.0/20 -35.246.224.0/20 -35.246.240.0/20 -35.246.32.0/20 -35.246.48.0/20 -35.246.64.0/20 -35.246.80.0/20 -35.246.96.0/20 -35.247.0.0/20 -35.247.112.0/20 -35.247.128.0/20 -35.247.144.0/20 -35.247.16.0/20 -35.247.160.0/20 -35.247.176.0/20 -35.247.192.0/20 -35.247.208.0/20 -35.247.224.0/20 -35.247.240.0/20 -35.247.32.0/20 -35.247.48.0/20 -35.247.64.0/20 -35.247.80.0/20 -35.247.96.0/20 -43.229.32.0/23 -43.231.13.0/24 -43.231.15.0/24 -45.128.172.0/24 -45.150.56.0/24 -45.159.34.0/24 -45.250.160.0/24 -45.66.81.0/24 -45.88.10.0/24 -45.91.254.0/24 -46.16.164.0/24 -46.16.166.0/24 -46.19.170.0/24 -46.235.152.0/21 -52.119.11.0/24 -63.141.158.0/24 -63.141.159.0/24 -64.15.112.0/20 -64.233.160.0/19 -64.233.160.0/24 -64.233.161.0/24 -64.233.162.0/24 -64.233.163.0/24 -64.233.164.0/24 -64.233.165.0/24 -64.233.166.0/24 -64.233.167.0/24 -64.233.168.0/24 -64.233.169.0/24 -64.233.170.0/24 -64.233.171.0/24 -64.233.172.0/23 -64.233.176.0/24 -64.233.177.0/24 -64.233.178.0/24 -64.233.179.0/24 -64.233.181.0/24 -64.233.182.0/24 -64.233.183.0/24 -64.233.184.0/24 -64.233.185.0/24 -64.233.186.0/24 -64.233.187.0/24 -64.233.188.0/24 -64.233.189.0/24 -64.233.190.0/24 -64.233.191.0/24 -64.6.19.0/24 -64.9.224.0/23 -64.9.224.0/24 -64.9.225.0/24 -64.9.228.0/23 -64.9.228.0/24 -64.9.229.0/24 -64.9.236.0/22 -64.9.244.0/22 -64.9.248.0/22 -64.9.252.0/22 -66.102.0.0/20 -66.102.0.0/24 -66.102.1.0/24 -66.102.2.0/24 -66.102.3.0/24 -66.102.4.0/24 -66.102.8.0/23 -66.159.192.0/19 -66.170.109.0/24 -66.22.228.0/24 -66.22.229.0/24 -66.249.64.0/19 -66.249.64.0/20 -66.249.80.0/22 -66.249.84.0/23 -66.249.88.0/24 -67.199.248.0/24 -69.48.232.0/24 -70.32.128.0/19 -70.32.128.0/24 -70.32.129.0/24 -70.32.131.0/24 -70.32.140.0/24 -70.32.141.0/24 -70.32.142.0/24 -70.32.143.0/24 -70.32.145.0/24 -70.32.148.0/24 -70.32.149.0/24 -70.32.150.0/24 -70.32.152.0/23 -70.32.154.0/24 -70.32.155.0/24 -70.32.156.0/24 -70.32.157.0/24 -70.32.158.0/24 -70.32.159.0/24 -72.14.192.0/18 -74.112.186.0/24 -74.112.187.0/24 -74.120.14.0/24 -74.125.0.0/16 -74.125.0.0/20 -74.125.124.0/24 -74.125.125.0/24 -74.125.126.0/24 -74.125.127.0/24 -74.125.128.0/24 -74.125.129.0/24 -74.125.130.0/24 -74.125.131.0/24 -74.125.132.0/24 -74.125.133.0/24 -74.125.134.0/24 -74.125.135.0/24 -74.125.136.0/24 -74.125.137.0/24 -74.125.138.0/24 -74.125.139.0/24 -74.125.140.0/24 -74.125.141.0/24 -74.125.142.0/24 -74.125.143.0/24 -74.125.152.0/21 -74.125.176.0/20 -74.125.192.0/24 -74.125.193.0/24 -74.125.194.0/24 -74.125.195.0/24 -74.125.196.0/24 -74.125.197.0/24 -74.125.198.0/24 -74.125.199.0/24 -74.125.20.0/24 -74.125.200.0/24 -74.125.201.0/24 -74.125.202.0/24 -74.125.203.0/24 -74.125.204.0/24 -74.125.205.0/24 -74.125.206.0/24 -74.125.207.0/24 -74.125.21.0/24 -74.125.22.0/24 -74.125.225.0/24 -74.125.226.0/24 -74.125.227.0/24 -74.125.228.0/24 -74.125.23.0/24 -74.125.230.0/24 -74.125.232.0/24 -74.125.234.0/24 -74.125.235.0/24 -74.125.236.0/24 -74.125.238.0/24 -74.125.24.0/24 -74.125.25.0/24 -74.125.250.0/24 -74.125.26.0/24 -74.125.28.0/24 -74.125.29.0/24 -74.125.31.0/24 -74.125.38.0/24 -74.125.39.0/24 -74.125.44.0/22 -74.125.6.0/24 -74.125.64.0/24 -74.125.65.0/24 -74.125.66.0/24 -74.125.68.0/24 -74.125.69.0/24 -74.125.70.0/24 -74.125.71.0/24 -74.125.72.0/22 -74.221.128.0/24 -74.51.254.0/24 -80.91.225.0/24 -85.208.67.0/24 -85.208.98.0/24 -87.238.241.0/24 -89.207.224.0/24 -89.207.228.0/24 -89.207.229.0/24 -89.207.231.0/24 -91.197.141.0/24 -91.199.181.0/24 -91.241.14.0/24 -92.119.244.0/24 -92.119.245.0/24 -92.119.246.0/24 -98.158.240.0/20 -98.98.157.0/24 -101.102.103.0/24 -103.10.108.0/24 -103.101.215.0/24 -103.123.131.0/24 -103.125.224.0/24 -103.141.214.0/24 -103.157.55.0/24 -103.165.152.0/24 -103.165.153.0/24 -103.169.213.0/24 -103.177.50.0/23 -103.20.245.0/24 -103.224.174.0/24 -103.230.57.0/24 -103.232.218.0/24 -103.242.79.0/24 -103.246.36.0/22 -103.56.211.0/24 -103.73.115.0/24 -103.9.96.0/22 -104.132.0.0/14 -104.132.114.0/24 -104.132.117.0/24 -104.132.118.0/24 -104.132.119.0/24 -104.132.124.0/24 -104.132.133.0/24 -104.132.140.0/24 -104.132.142.0/24 -104.132.146.0/24 -104.132.153.0/24 -104.132.154.0/24 -104.132.162.0/24 -104.132.169.0/24 -104.132.179.0/24 -104.132.185.0/24 -104.132.186.0/24 -104.132.191.0/24 -104.132.207.0/24 -104.132.213.0/24 -104.132.214.0/24 -104.132.215.0/24 -104.132.222.0/24 -104.132.25.0/24 -104.132.31.0/24 -104.132.37.0/24 -104.132.38.0/24 -104.132.40.0/24 -104.132.42.0/24 -104.132.57.0/24 -104.132.59.0/24 -104.132.6.0/24 -104.132.61.0/24 -104.132.62.0/24 -104.132.72.0/24 -104.133.128.0/23 -104.133.5.0/24 -104.133.6.0/24 -104.133.7.0/24 -104.134.131.0/24 -104.134.137.0/24 -104.134.138.0/24 -104.134.139.0/24 -104.134.140.0/24 -104.134.147.0/24 -104.134.151.0/24 -104.134.152.0/24 -104.134.153.0/24 -104.134.154.0/24 -104.134.156.0/24 -104.134.157.0/24 -104.134.158.0/24 -104.134.159.0/24 -104.134.160.0/23 -104.134.162.0/24 -104.134.163.0/24 -104.134.164.0/24 -104.134.166.0/24 -104.134.167.0/24 -104.134.168.0/24 -104.134.169.0/24 -104.134.170.0/24 -104.134.172.0/24 -104.134.176.0/24 -104.134.177.0/24 -104.134.179.0/24 -104.134.180.0/24 -104.134.185.0/24 -104.134.188.0/24 -104.134.191.0/24 -104.134.196.0/24 -104.134.200.0/24 -104.134.203.0/24 -104.134.206.0/24 -104.134.207.0/24 -104.134.210.0/24 -104.134.211.0/24 -104.134.212.0/24 -104.134.217.0/24 -104.134.232.0/24 -104.134.233.0/24 -104.134.236.0/24 -104.134.237.0/24 -104.134.70.0/23 -104.134.71.0/24 -104.135.192.0/20 -104.135.200.0/24 -104.135.204.0/23 -104.135.208.0/20 -104.135.216.0/24 -104.135.220.0/23 -104.135.253.0/24 -104.135.254.0/24 -104.154.0.0/15 -104.154.0.0/19 -104.154.0.0/20 -104.154.112.0/24 -104.154.113.0/24 -104.154.114.0/24 -104.154.115.0/24 -104.154.116.0/24 -104.154.117.0/24 -104.154.118.0/24 -104.154.119.0/24 -104.154.120.0/24 -104.154.121.0/24 -104.154.122.0/24 -104.154.123.0/24 -104.154.126.0/23 -104.154.128.0/19 -104.154.128.0/20 -104.154.144.0/20 -104.154.16.0/20 -104.154.160.0/19 -104.154.160.0/20 -104.154.176.0/20 -104.154.192.0/19 -104.154.192.0/20 -104.154.208.0/20 -104.154.224.0/19 -104.154.224.0/20 -104.154.240.0/20 -104.154.32.0/19 -104.154.32.0/20 -104.154.48.0/20 -104.154.64.0/19 -104.154.64.0/20 -104.154.80.0/20 -104.154.96.0/19 -104.154.96.0/20 -104.155.0.0/19 -104.155.0.0/20 -104.155.112.0/20 -104.155.128.0/19 -104.155.128.0/20 -104.155.144.0/20 -104.155.16.0/20 -104.155.160.0/19 -104.155.160.0/20 -104.155.176.0/20 -104.155.192.0/19 -104.155.192.0/20 -104.155.208.0/20 -104.155.224.0/19 -104.155.224.0/20 -104.155.240.0/20 -104.155.32.0/19 -104.155.32.0/20 -104.155.48.0/20 -104.155.64.0/19 -104.155.64.0/20 -104.155.80.0/20 -104.155.96.0/19 -104.155.96.0/20 -104.195.120.0/22 -104.195.127.0/24 -104.196.0.0/14 -104.196.0.0/19 -104.196.0.0/20 -104.196.112.0/20 -104.196.128.0/19 -104.196.128.0/20 -104.196.144.0/20 -104.196.16.0/20 -104.196.160.0/19 -104.196.160.0/20 -104.196.176.0/20 -104.196.192.0/19 -104.196.192.0/20 -104.196.208.0/20 -104.196.224.0/19 -104.196.224.0/20 -104.196.240.0/20 -104.196.32.0/19 -104.196.32.0/20 -104.196.48.0/20 -104.196.64.0/19 -104.196.64.0/24 -104.196.65.0/24 -104.196.66.0/24 -104.196.67.0/24 -104.196.68.0/24 -104.196.69.0/24 -104.196.70.0/24 -104.196.71.0/24 -104.196.72.0/24 -104.196.73.0/24 -104.196.74.0/24 -104.196.75.0/24 -104.196.76.0/24 -104.196.77.0/24 -104.196.78.0/24 -104.196.79.0/24 -104.196.80.0/20 -104.196.96.0/19 -104.196.96.0/20 -104.197.0.0/19 -104.197.0.0/20 -104.197.112.0/20 -104.197.128.0/19 -104.197.128.0/20 -104.197.144.0/20 -104.197.16.0/20 -104.197.160.0/19 -104.197.160.0/20 -104.197.176.0/20 -104.197.192.0/19 -104.197.192.0/20 -104.197.208.0/20 -104.197.224.0/19 -104.197.224.0/20 -104.197.240.0/20 -104.197.32.0/19 -104.197.32.0/20 -104.197.48.0/20 -104.197.64.0/19 -104.197.64.0/20 -104.197.80.0/20 -104.197.96.0/19 -104.197.96.0/20 -104.198.0.0/19 -104.198.0.0/20 -104.198.112.0/20 -104.198.128.0/19 -104.198.128.0/20 -104.198.144.0/20 -104.198.16.0/20 -104.198.160.0/19 -104.198.160.0/20 -104.198.176.0/20 -104.198.192.0/19 -104.198.192.0/20 -104.198.208.0/20 -104.198.224.0/19 -104.198.224.0/20 -104.198.240.0/20 -104.198.32.0/19 -104.198.32.0/20 -104.198.48.0/20 -104.198.64.0/19 -104.198.64.0/20 -104.198.80.0/20 -104.198.96.0/19 -104.198.96.0/20 -104.199.0.0/19 -104.199.0.0/20 -104.199.112.0/20 -104.199.128.0/19 -104.199.128.0/20 -104.199.144.0/20 -104.199.16.0/20 -104.199.160.0/19 -104.199.160.0/20 -104.199.176.0/20 -104.199.192.0/19 -104.199.192.0/20 -104.199.208.0/20 -104.199.224.0/19 -104.199.224.0/20 -104.199.240.0/23 -104.199.242.0/23 -104.199.244.0/22 -104.199.248.0/21 -104.199.32.0/19 -104.199.32.0/20 -104.199.48.0/20 -104.199.64.0/19 -104.199.64.0/23 -104.199.66.0/23 -104.199.68.0/22 -104.199.72.0/21 -104.199.80.0/20 -104.199.96.0/19 -104.199.96.0/20 -104.237.160.0/19 -104.237.160.0/24 -104.237.164.0/24 -104.237.167.0/24 -104.237.168.0/24 -104.237.169.0/24 -104.237.170.0/24 -104.237.171.0/24 -104.237.172.0/24 -107.167.160.0/19 -107.167.160.0/24 -107.167.161.0/24 -107.167.162.0/24 -107.167.163.0/24 -107.167.164.0/24 -107.167.165.0/24 -107.167.166.0/24 -107.167.167.0/24 -107.167.168.0/24 -107.167.169.0/24 -107.167.170.0/24 -107.167.171.0/24 -107.167.172.0/24 -107.167.173.0/24 -107.167.174.0/24 -107.167.175.0/24 -107.167.176.0/24 -107.167.177.0/24 -107.167.178.0/24 -107.167.179.0/24 -107.167.180.0/24 -107.167.181.0/24 -107.167.182.0/24 -107.167.183.0/24 -107.167.184.0/24 -107.167.185.0/24 -107.167.186.0/24 -107.167.187.0/24 -107.167.188.0/24 -107.167.189.0/24 -107.167.190.0/24 -107.167.191.0/24 -107.178.192.0/18 -107.178.192.0/19 -107.178.208.0/20 -107.178.224.0/19 -108.170.192.0/18 -108.170.192.0/24 -108.170.193.0/24 -108.170.194.0/24 -108.170.195.0/24 -108.170.198.0/24 -108.170.199.0/24 -108.170.200.0/24 -108.170.201.0/24 -108.170.202.0/24 -108.170.203.0/24 -108.170.204.0/24 -108.170.205.0/24 -108.170.206.0/24 -108.170.207.0/24 -108.170.208.0/24 -108.170.209.0/24 -108.170.210.0/24 -108.170.211.0/24 -108.170.212.0/24 -108.170.213.0/24 -108.170.214.0/24 -108.170.215.0/24 -108.170.217.0/24 -108.170.218.0/24 -108.170.219.0/24 -108.170.222.0/24 -108.170.223.0/24 -108.177.0.0/17 -108.177.10.0/24 -108.177.100.0/24 -108.177.101.0/24 -108.177.102.0/24 -108.177.103.0/24 -108.177.104.0/24 -108.177.108.0/24 -108.177.109.0/24 -108.177.11.0/24 -108.177.110.0/24 -108.177.111.0/24 -108.177.112.0/24 -108.177.113.0/24 -108.177.114.0/24 -108.177.115.0/24 -108.177.116.0/24 -108.177.117.0/24 -108.177.118.0/24 -108.177.119.0/24 -108.177.12.0/24 -108.177.120.0/24 -108.177.121.0/24 -108.177.122.0/24 -108.177.125.0/24 -108.177.126.0/24 -108.177.127.0/24 -108.177.13.0/24 -108.177.14.0/24 -108.177.15.0/24 -108.177.8.0/24 -108.177.9.0/24 -108.177.96.0/24 -108.177.97.0/24 -108.177.98.0/24 -108.177.99.0/24 -108.59.80.0/20 -108.59.80.0/24 -108.59.81.0/24 -108.59.82.0/24 -108.59.83.0/24 -108.59.84.0/24 -108.59.85.0/24 -108.59.86.0/24 -108.59.87.0/24 -108.59.88.0/24 -108.59.89.0/24 -108.59.90.0/24 -108.59.91.0/24 -108.59.92.0/24 -108.59.93.0/24 -108.59.94.0/24 -108.59.95.0/24 -109.235.99.0/24 -109.68.56.0/21 -109.95.124.0/22 -114.141.120.0/24 -114.141.121.0/24 -114.141.122.0/24 -114.141.123.0/24 -114.141.124.0/24 -114.141.125.0/24 -114.141.126.0/24 -114.141.127.0/24 -128.77.64.0/19 -130.211.0.0/16 -130.211.0.0/17 -130.211.112.0/20 -130.211.128.0/18 -130.211.192.0/20 -130.211.208.0/20 -130.211.224.0/20 -130.211.240.0/20 -130.211.48.0/20 -130.211.64.0/19 -130.211.96.0/20 -130.41.0.0/18 -130.41.132.0/23 -130.41.144.0/20 -130.41.160.0/19 -130.41.192.0/19 -130.41.224.0/20 -130.41.242.0/23 -130.41.244.0/22 -130.41.248.0/22 -130.41.252.0/24 -130.41.253.0/24 -130.41.64.0/18 -134.195.26.0/23 -134.238.0.0/16 -135.84.69.0/24 -136.22.100.0/24 -136.22.101.0/24 -136.22.102.0/24 -136.22.103.0/24 -136.22.104.0/24 -136.22.105.0/24 -136.22.106.0/24 -136.22.107.0/24 -136.22.108.0/24 -136.22.109.0/24 -136.22.110.0/24 -136.22.111.0/24 -136.22.112.0/24 -136.22.113.0/24 -136.22.114.0/24 -136.22.115.0/24 -136.22.12.0/24 -136.22.122.0/23 -136.22.13.0/24 -136.22.14.0/24 -136.22.15.0/24 -136.22.16.0/24 -136.22.17.0/24 -136.22.18.0/24 -136.22.19.0/24 -136.22.20.0/24 -136.22.21.0/24 -136.22.224.0/24 -136.22.225.0/24 -136.22.226.0/24 -136.22.227.0/24 -136.22.228.0/23 -136.22.231.0/24 -136.22.232.0/24 -136.22.233.0/24 -136.22.237.0/24 -136.22.239.0/24 -136.22.240.0/24 -136.22.241.0/24 -136.22.64.0/23 -136.22.64.0/24 -136.22.65.0/24 -136.22.76.0/22 -136.22.83.0/24 -136.22.86.0/23 -136.22.86.0/24 -136.22.87.0/24 -136.22.92.0/24 -136.22.93.0/24 -136.22.94.0/24 -136.22.95.0/24 -136.22.96.0/24 -136.22.97.0/24 -136.22.98.0/24 -136.22.99.0/24 -136.23.0.0/24 -136.23.1.0/24 -136.23.10.0/24 -136.23.11.0/24 -136.23.12.0/24 -136.23.13.0/24 -136.23.14.0/24 -136.23.15.0/24 -136.23.16.0/24 -136.23.17.0/24 -136.23.18.0/24 -136.23.19.0/24 -136.23.2.0/24 -136.23.20.0/24 -136.23.21.0/24 -136.23.22.0/24 -136.23.23.0/24 -136.23.24.0/24 -136.23.25.0/24 -136.23.26.0/24 -136.23.27.0/24 -136.23.28.0/24 -136.23.29.0/24 -136.23.3.0/24 -136.23.32.0/24 -136.23.33.0/24 -136.23.34.0/24 -136.23.35.0/24 -136.23.36.0/24 -136.23.37.0/24 -136.23.4.0/24 -136.23.5.0/24 -136.23.6.0/24 -136.23.7.0/24 -136.23.8.0/24 -136.23.9.0/24 -137.83.213.0/24 -137.83.215.0/24 -137.83.216.0/21 -137.83.224.0/20 -137.83.240.0/21 -137.83.248.0/23 -137.83.250.0/24 -141.202.0.0/20 -141.202.254.0/24 -142.147.12.0/24 -142.147.14.0/24 -142.250.0.0/15 -142.250.0.0/24 -142.250.1.0/24 -142.250.10.0/24 -142.250.100.0/24 -142.250.101.0/24 -142.250.102.0/24 -142.250.103.0/24 -142.250.105.0/24 -142.250.106.0/24 -142.250.107.0/24 -142.250.109.0/24 -142.250.11.0/24 -142.250.110.0/24 -142.250.111.0/24 -142.250.112.0/24 -142.250.113.0/24 -142.250.114.0/24 -142.250.115.0/24 -142.250.116.0/24 -142.250.118.0/24 -142.250.119.0/24 -142.250.12.0/24 -142.250.120.0/24 -142.250.122.0/24 -142.250.123.0/24 -142.250.124.0/24 -142.250.125.0/24 -142.250.126.0/24 -142.250.128.0/24 -142.250.13.0/24 -142.250.130.0/24 -142.250.131.0/24 -142.250.132.0/24 -142.250.133.0/24 -142.250.134.0/24 -142.250.135.0/24 -142.250.136.0/24 -142.250.137.0/24 -142.250.138.0/24 -142.250.139.0/24 -142.250.14.0/24 -142.250.141.0/24 -142.250.142.0/24 -142.250.144.0/24 -142.250.145.0/24 -142.250.147.0/24 -142.250.148.0/24 -142.250.149.0/24 -142.250.15.0/24 -142.250.150.0/24 -142.250.151.0/24 -142.250.152.0/24 -142.250.153.0/24 -142.250.154.0/24 -142.250.157.0/24 -142.250.158.0/24 -142.250.159.0/24 -142.250.16.0/24 -142.250.17.0/24 -142.250.176.0/24 -142.250.178.0/24 -142.250.18.0/24 -142.250.180.0/24 -142.250.181.0/24 -142.250.182.0/24 -142.250.183.0/24 -142.250.184.0/24 -142.250.185.0/24 -142.250.188.0/24 -142.250.189.0/24 -142.250.19.0/24 -142.250.190.0/24 -142.250.196.0/24 -142.250.199.0/24 -142.250.2.0/24 -142.250.20.0/24 -142.250.204.0/24 -142.250.205.0/24 -142.250.206.0/24 -142.250.207.0/24 -142.250.21.0/24 -142.250.216.0/24 -142.250.217.0/24 -142.250.218.0/24 -142.250.219.0/24 -142.250.22.0/24 -142.250.23.0/24 -142.250.24.0/24 -142.250.25.0/24 -142.250.26.0/24 -142.250.27.0/24 -142.250.28.0/24 -142.250.29.0/24 -142.250.3.0/24 -142.250.30.0/24 -142.250.31.0/24 -142.250.4.0/24 -142.250.5.0/24 -142.250.6.0/24 -142.250.64.0/24 -142.250.65.0/24 -142.250.66.0/24 -142.250.67.0/24 -142.250.68.0/24 -142.250.69.0/24 -142.250.70.0/24 -142.250.71.0/24 -142.250.72.0/24 -142.250.73.0/24 -142.250.74.0/24 -142.250.75.0/24 -142.250.76.0/24 -142.250.77.0/24 -142.250.78.0/24 -142.250.79.0/24 -142.250.8.0/24 -142.250.80.0/24 -142.250.81.0/24 -142.250.82.0/24 -142.250.9.0/24 -142.250.92.0/23 -142.250.96.0/24 -142.250.97.0/24 -142.250.98.0/24 -142.250.99.0/24 -142.251.0.0/24 -142.251.1.0/24 -142.251.10.0/24 -142.251.107.0/24 -142.251.109.0/24 -142.251.111.0/24 -142.251.112.0/24 -142.251.116.0/24 -142.251.117.0/24 -142.251.12.0/24 -142.251.120.0/24 -142.251.123.0/24 -142.251.124.0/24 -142.251.125.0/24 -142.251.128.0/24 -142.251.129.0/24 -142.251.132.0/24 -142.251.144.0/24 -142.251.145.0/24 -142.251.146.0/24 -142.251.147.0/24 -142.251.148.0/24 -142.251.149.0/24 -142.251.15.0/24 -142.251.150.0/24 -142.251.151.0/24 -142.251.152.0/24 -142.251.153.0/24 -142.251.154.0/24 -142.251.155.0/24 -142.251.156.0/24 -142.251.157.0/24 -142.251.158.0/24 -142.251.159.0/24 -142.251.16.0/24 -142.251.160.0/24 -142.251.161.0/24 -142.251.162.0/24 -142.251.163.0/24 -142.251.164.0/24 -142.251.165.0/24 -142.251.166.0/24 -142.251.167.0/24 -142.251.168.0/24 -142.251.169.0/24 -142.251.170.0/24 -142.251.171.0/24 -142.251.172.0/24 -142.251.173.0/24 -142.251.174.0/24 -142.251.175.0/24 -142.251.176.0/24 -142.251.177.0/24 -142.251.178.0/24 -142.251.179.0/24 -142.251.18.0/24 -142.251.19.0/24 -142.251.2.0/24 -142.251.20.0/24 -142.251.27.0/24 -142.251.29.0/24 -142.251.31.0/24 -142.251.32.0/24 -142.251.33.0/24 -142.251.34.0/24 -142.251.35.0/24 -142.251.36.0/24 -142.251.37.0/24 -142.251.38.0/24 -142.251.39.0/24 -142.251.4.0/24 -142.251.40.0/24 -142.251.41.0/24 -142.251.42.0/24 -142.251.43.0/24 -142.251.44.0/24 -142.251.45.0/24 -142.251.46.0/24 -142.251.47.0/24 -142.251.48.0/24 -142.251.49.0/24 -142.251.5.0/24 -142.251.50.0/24 -142.251.51.0/24 -142.251.52.0/24 -142.251.53.0/24 -142.251.54.0/24 -142.251.55.0/24 -142.251.56.0/24 -142.251.57.0/24 -142.251.58.0/24 -142.251.59.0/24 -142.251.6.0/24 -142.251.60.0/24 -142.251.61.0/24 -142.251.62.0/24 -142.251.63.0/24 -142.251.8.0/24 -142.251.9.0/24 -144.49.128.0/18 -144.49.200.0/22 -144.49.208.0/20 -144.49.224.0/21 -144.49.232.0/22 -144.49.236.0/22 -144.49.240.0/21 -144.49.248.0/21 -144.49.96.0/19 -144.86.173.0/24 -146.148.0.0/17 -146.148.112.0/20 -146.148.16.0/20 -146.148.2.0/23 -146.148.32.0/20 -146.148.4.0/22 -146.148.48.0/20 -146.148.64.0/20 -146.148.8.0/21 -146.148.80.0/20 -146.148.96.0/20 -147.124.188.0/24 -147.124.190.0/24 -147.124.191.0/24 -147.146.240.0/20 -147.185.132.0/22 -147.189.238.0/24 -147.189.239.0/24 -148.64.0.0/19 -148.80.64.0/22 -148.80.68.0/22 -149.77.121.0/24 -152.131.248.0/22 -152.132.248.0/22 -152.133.248.0/22 -155.184.0.0/19 -156.77.128.0/20 -156.93.224.0/23 -158.51.129.0/24 -161.38.184.0/24 -161.38.56.0/24 -161.38.57.0/24 -161.38.58.0/24 -162.120.128.0/23 -162.120.130.0/23 -162.120.132.0/23 -162.120.134.0/23 -162.120.136.0/23 -162.120.138.0/23 -162.120.140.0/23 -162.120.142.0/23 -162.120.144.0/24 -162.120.145.0/24 -162.120.146.0/24 -162.120.147.0/24 -162.120.148.0/24 -162.120.149.0/24 -162.120.150.0/24 -162.120.151.0/24 -162.120.152.0/24 -162.120.153.0/24 -162.120.154.0/24 -162.120.155.0/24 -162.120.156.0/24 -162.120.157.0/24 -162.120.158.0/24 -162.120.159.0/24 -162.120.160.0/24 -162.120.161.0/24 -162.120.162.0/24 -162.120.163.0/24 -162.120.164.0/24 -162.120.165.0/24 -162.120.167.0/24 -162.120.168.0/23 -162.120.170.0/23 -162.120.172.0/24 -162.120.173.0/24 -162.120.174.0/24 -162.120.175.0/24 -162.120.176.0/24 -162.216.148.0/22 -162.216.148.0/24 -162.216.149.0/24 -162.216.150.0/24 -162.216.151.0/24 -162.216.248.0/24 -162.216.249.0/24 -162.216.250.0/24 -162.216.251.0/24 -162.222.176.0/21 -162.222.176.0/24 -162.222.177.0/24 -162.222.178.0/24 -162.222.179.0/24 -162.222.180.0/24 -162.222.181.0/24 -162.222.182.0/24 -162.222.183.0/24 -162.222.78.0/24 -162.222.79.0/24 -162.240.199.0/24 -162.244.0.0/24 -162.244.1.0/24 -162.247.196.0/24 -162.247.96.0/21 -162.251.20.0/22 -165.1.128.0/19 -165.1.172.0/22 -165.1.176.0/20 -165.1.192.0/18 -165.85.0.0/18 -165.85.128.0/20 -165.85.146.0/23 -165.85.148.0/23 -165.85.152.0/21 -165.85.160.0/19 -165.85.192.0/20 -165.85.208.0/20 -165.85.224.0/20 -165.85.240.0/21 -165.85.249.0/24 -165.85.96.0/19 -166.73.4.0/23 -167.234.37.0/24 -168.100.24.0/22 -168.149.128.0/18 -168.235.234.0/24 -170.10.143.0/24 -170.10.222.0/24 -170.114.50.0/24 -170.114.69.0/24 -170.176.240.0/21 -172.102.10.0/24 -172.102.11.0/24 -172.102.12.0/24 -172.102.13.0/24 -172.102.14.0/24 -172.102.15.0/24 -172.102.8.0/24 -172.102.9.0/24 -172.110.32.0/21 -172.110.44.0/24 -172.217.0.0/16 -172.217.0.0/24 -172.217.1.0/24 -172.217.10.0/24 -172.217.11.0/24 -172.217.12.0/24 -172.217.128.0/19 -172.217.13.0/24 -172.217.14.0/24 -172.217.15.0/24 -172.217.16.0/24 -172.217.17.0/24 -172.217.176.0/24 -172.217.177.0/24 -172.217.178.0/24 -172.217.179.0/24 -172.217.18.0/24 -172.217.19.0/24 -172.217.192.0/24 -172.217.193.0/24 -172.217.194.0/24 -172.217.195.0/24 -172.217.196.0/24 -172.217.197.0/24 -172.217.198.0/24 -172.217.199.0/24 -172.217.2.0/24 -172.217.20.0/24 -172.217.200.0/24 -172.217.201.0/24 -172.217.202.0/24 -172.217.203.0/24 -172.217.204.0/24 -172.217.205.0/24 -172.217.206.0/24 -172.217.207.0/24 -172.217.208.0/24 -172.217.209.0/24 -172.217.21.0/24 -172.217.210.0/24 -172.217.211.0/24 -172.217.212.0/24 -172.217.213.0/24 -172.217.214.0/24 -172.217.215.0/24 -172.217.216.0/24 -172.217.217.0/24 -172.217.218.0/24 -172.217.219.0/24 -172.217.22.0/24 -172.217.220.0/24 -172.217.221.0/24 -172.217.222.0/24 -172.217.223.0/24 -172.217.23.0/24 -172.217.24.0/24 -172.217.25.0/24 -172.217.26.0/24 -172.217.27.0/24 -172.217.28.0/24 -172.217.29.0/24 -172.217.3.0/24 -172.217.30.0/24 -172.217.31.0/24 -172.217.4.0/24 -172.217.5.0/24 -172.217.56.0/21 -172.217.6.0/24 -172.217.62.0/24 -172.217.63.0/24 -172.217.7.0/24 -172.217.8.0/24 -172.217.9.0/24 -172.253.0.0/16 -172.253.112.0/24 -172.253.113.0/24 -172.253.114.0/24 -172.253.115.0/24 -172.253.116.0/24 -172.253.117.0/24 -172.253.118.0/24 -172.253.119.0/24 -172.253.120.0/24 -172.253.121.0/24 -172.253.122.0/24 -172.253.123.0/24 -172.253.124.0/24 -172.253.125.0/24 -172.253.126.0/24 -172.253.127.0/24 -172.253.16.0/20 -172.253.16.0/24 -172.253.17.0/24 -172.253.18.0/24 -172.253.19.0/24 -172.253.20.0/24 -172.253.21.0/24 -172.253.23.0/24 -172.253.56.0/24 -172.253.57.0/24 -172.253.58.0/24 -172.253.59.0/24 -172.253.60.0/24 -172.253.62.0/24 -172.253.63.0/24 -173.194.0.0/16 -173.194.0.0/19 -173.194.112.0/24 -173.194.113.0/24 -173.194.117.0/24 -173.194.118.0/24 -173.194.119.0/24 -173.194.120.0/24 -173.194.121.0/24 -173.194.124.0/24 -173.194.128.0/20 -173.194.132.0/24 -173.194.136.0/24 -173.194.140.0/24 -173.194.141.0/24 -173.194.142.0/24 -173.194.144.0/20 -173.194.160.0/21 -173.194.172.0/24 -173.194.173.0/24 -173.194.174.0/24 -173.194.175.0/24 -173.194.176.0/20 -173.194.192.0/24 -173.194.193.0/24 -173.194.194.0/24 -173.194.195.0/24 -173.194.196.0/24 -173.194.197.0/24 -173.194.198.0/24 -173.194.199.0/24 -173.194.200.0/24 -173.194.201.0/24 -173.194.202.0/24 -173.194.203.0/24 -173.194.204.0/24 -173.194.205.0/24 -173.194.206.0/24 -173.194.207.0/24 -173.194.208.0/24 -173.194.209.0/24 -173.194.210.0/24 -173.194.211.0/24 -173.194.212.0/24 -173.194.213.0/24 -173.194.214.0/24 -173.194.215.0/24 -173.194.216.0/24 -173.194.217.0/24 -173.194.218.0/24 -173.194.219.0/24 -173.194.220.0/24 -173.194.221.0/24 -173.194.222.0/24 -173.194.223.0/24 -173.194.32.0/24 -173.194.34.0/24 -173.194.35.0/24 -173.194.36.0/24 -173.194.37.0/24 -173.194.38.0/24 -173.194.39.0/24 -173.194.40.0/24 -173.194.41.0/24 -173.194.42.0/24 -173.194.44.0/24 -173.194.46.0/24 -173.194.48.0/20 -173.194.53.0/24 -173.194.63.0/24 -173.194.64.0/24 -173.194.66.0/24 -173.194.67.0/24 -173.194.68.0/24 -173.194.69.0/24 -173.194.7.0/24 -173.194.70.0/24 -173.194.71.0/24 -173.194.72.0/24 -173.194.73.0/24 -173.194.74.0/24 -173.194.75.0/24 -173.194.76.0/24 -173.194.77.0/24 -173.194.78.0/24 -173.194.79.0/24 -173.194.96.0/21 -173.255.112.0/20 -173.255.112.0/24 -173.255.113.0/24 -173.255.114.0/24 -173.255.115.0/24 -173.255.116.0/24 -173.255.117.0/24 -173.255.118.0/24 -173.255.119.0/24 -173.255.120.0/24 -173.255.121.0/24 -173.255.122.0/24 -173.255.123.0/24 -173.255.124.0/24 -173.255.125.0/24 -173.255.126.0/24 -173.255.127.0/24 -176.113.47.0/24 -178.249.140.0/23 -185.110.98.0/24 -185.137.157.0/24 -185.142.144.0/24 -185.142.145.0/24 -185.142.146.0/24 -185.145.247.0/24 -185.146.174.0/24 -185.146.175.0/24 -185.162.80.0/22 -185.168.204.0/24 -185.180.142.0/24 -185.180.48.0/22 -185.188.93.0/24 -185.197.148.0/24 -185.207.237.0/24 -185.225.161.0/24 -185.227.234.0/24 -185.235.238.0/24 -185.235.239.0/24 -185.241.47.0/24 -185.249.220.0/24 -185.25.28.0/23 -185.30.28.0/22 -185.46.233.0/24 -185.56.84.0/24 -185.56.85.0/24 -185.56.86.0/24 -185.56.87.0/24 -185.73.224.0/24 -185.76.36.0/24 -185.81.120.0/24 -185.81.121.0/24 -185.88.148.0/22 -185.92.208.0/24 -185.94.240.0/23 -185.94.242.0/23 -188.92.121.0/24 -188.92.122.0/24 -188.92.136.0/24 -188.92.137.0/24 -192.104.36.0/24 -192.107.133.0/24 -192.149.17.0/24 -192.158.28.0/22 -192.158.28.0/24 -192.158.29.0/24 -192.158.30.0/24 -192.158.31.0/24 -192.178.0.0/15 -192.178.40.0/24 -192.178.41.0/24 -192.178.42.0/24 -192.178.43.0/24 -192.19.120.0/24 -192.19.255.0/24 -192.200.190.0/24 -192.200.191.0/24 -192.34.32.0/23 -192.40.69.0/24 -192.69.115.0/24 -193.108.15.0/24 -193.151.72.0/22 -193.177.222.0/24 -193.186.4.0/24 -193.73.208.0/24 -194.187.56.0/22 -194.38.4.0/22 -195.10.199.0/24 -195.149.126.0/24 -195.234.145.0/24 -198.135.124.0/23 -198.135.184.0/24 -198.179.226.0/24 -198.179.227.0/24 -198.235.24.0/24 -199.103.85.0/24 -199.116.168.0/21 -199.166.212.0/24 -199.19.248.0/21 -199.192.112.0/22 -199.192.113.0/24 -199.192.114.0/24 -199.192.115.0/24 -199.223.232.0/21 -199.223.232.0/24 -199.223.233.0/24 -199.223.234.0/24 -199.223.235.0/24 -199.223.236.0/24 -199.223.237.0/24 -199.244.98.0/24 -199.244.99.0/24 -199.247.32.0/20 -199.250.249.0/24 -199.36.154.0/23 -199.36.156.0/24 -199.47.186.0/24 -199.47.187.0/24 -199.47.27.0/24 -199.65.28.0/24 -199.91.151.0/24 -202.14.19.0/24 -202.250.28.0/24 -202.92.198.0/24 -202.92.199.0/24 -203.4.188.0/23 -203.4.190.0/23 -204.10.52.0/22 -204.107.8.0/24 -204.138.99.0/24 -204.62.215.0/24 -204.87.186.0/24 -205.210.31.0/24 -206.126.251.0/24 -207.126.144.0/22 -207.154.144.0/22 -207.223.160.0/20 -208.112.128.0/24 -208.112.129.0/24 -208.112.130.0/24 -208.112.131.0/24 -208.112.132.0/24 -208.112.133.0/24 -208.112.142.0/24 -208.112.143.0/24 -208.112.192.0/24 -208.112.193.0/24 -208.112.194.0/24 -208.112.195.0/24 -208.112.196.0/24 -208.112.197.0/24 -208.117.224.0/19 -208.117.254.0/24 -208.127.0.0/17 -208.127.128.0/18 -208.127.192.0/21 -208.127.208.0/20 -208.127.224.0/21 -208.127.232.0/21 -208.127.240.0/21 -208.127.248.0/21 -208.56.18.0/24 -208.56.24.0/24 -208.56.32.0/24 -208.56.33.0/24 -208.56.34.0/24 -208.56.38.0/24 -208.56.42.0/23 -208.65.152.0/22 -208.67.156.0/22 -208.68.108.0/22 -208.76.68.0/24 -208.81.188.0/22 -208.86.170.0/23 -208.94.216.0/24 -208.94.223.0/24 -209.107.176.0/24 -209.107.177.0/24 -209.107.178.0/24 -209.107.179.0/24 -209.107.180.0/24 -209.107.181.0/24 -209.107.182.0/24 -209.107.183.0/24 -209.107.184.0/24 -209.107.185.0/24 -209.107.186.0/24 -209.107.187.0/24 -209.107.188.0/24 -209.107.189.0/24 -209.107.190.0/24 -209.107.191.0/24 -209.133.250.0/24 -209.133.255.0/24 -209.188.98.0/24 -209.209.125.0/24 -209.85.128.0/17 -209.85.144.0/24 -209.85.145.0/24 -209.85.146.0/24 -209.85.147.0/24 -209.85.164.0/23 -209.85.200.0/24 -209.85.201.0/24 -209.85.202.0/24 -209.85.203.0/24 -209.85.232.0/24 -209.85.233.0/24 -209.85.234.0/24 -209.85.235.0/24 -212.11.79.0/24 -216.239.32.0/19 -216.239.32.0/24 -216.239.33.0/24 -216.239.34.0/24 -216.239.35.0/24 -216.239.36.0/24 -216.239.38.0/24 -216.239.39.0/24 -216.252.220.0/24 -216.252.221.0/24 -216.58.192.0/19 -216.58.192.0/22 -216.58.196.0/23 -216.58.198.0/24 -216.58.199.0/24 -216.58.200.0/24 -216.58.201.0/24 -216.58.202.0/24 -216.58.203.0/24 -216.58.204.0/23 -216.58.206.0/23 -216.58.208.0/24 -216.58.209.0/24 -216.58.210.0/24 -216.58.211.0/24 -216.58.212.0/24 -216.58.213.0/24 -216.58.214.0/24 -216.58.215.0/24 -216.58.216.0/24 -216.58.217.0/24 -216.58.218.0/24 -216.58.219.0/24 -216.58.220.0/24 -216.58.221.0/24 -216.58.222.0/24 -216.58.223.0/24 -216.59.133.0/24 -216.73.80.0/20 -217.169.118.0/24 -223.29.216.0/22 +# Googlebot updated 2026-04-15 +# wget https://developers.google.com/search/apis/ipranges/googlebot.json +# jq .prefixes[].ipv4Prefix,.prefixes[].ipv6Prefix googlebot.json | grep -v null | sed "s/\"//g" +192.178.4.0/27 +192.178.4.128/27 +192.178.4.160/27 +192.178.4.192/27 +192.178.4.224/27 +192.178.4.32/27 +192.178.4.64/27 +192.178.4.96/27 +192.178.5.0/27 +192.178.6.0/27 +192.178.6.128/27 +192.178.6.160/27 +192.178.6.192/27 +192.178.6.224/27 +192.178.6.32/27 +192.178.6.64/27 +192.178.6.96/27 +192.178.7.0/27 +192.178.7.128/27 +192.178.7.160/27 +192.178.7.192/27 +192.178.7.224/27 +192.178.7.32/27 +192.178.7.64/27 +192.178.7.96/27 +34.100.182.96/28 +34.101.50.144/28 +34.118.254.0/28 +34.118.66.0/28 +34.126.178.96/28 +34.146.150.144/28 +34.147.110.144/28 +34.151.74.144/28 +34.152.50.64/28 +34.154.114.144/28 +34.155.98.32/28 +34.165.18.176/28 +34.175.160.64/28 +34.176.130.16/28 +34.22.85.0/27 +34.64.82.64/28 +34.65.242.112/28 +34.80.50.80/28 +34.88.194.0/28 +34.89.10.80/28 +34.89.198.80/28 +34.96.162.48/28 +35.247.243.240/28 +66.249.64.0/27 +66.249.64.128/27 +66.249.64.160/27 +66.249.64.192/27 +66.249.64.224/27 +66.249.64.32/27 +66.249.64.64/27 +66.249.64.96/27 +66.249.65.0/27 +66.249.65.128/27 +66.249.65.160/27 +66.249.65.192/27 +66.249.65.224/27 +66.249.65.32/27 +66.249.65.64/27 +66.249.65.96/27 +66.249.66.0/27 +66.249.66.128/27 +66.249.66.160/27 +66.249.66.192/27 +66.249.66.224/27 +66.249.66.32/27 +66.249.66.64/27 +66.249.66.96/27 +66.249.67.0/27 +66.249.67.32/27 +66.249.67.64/27 +66.249.68.0/27 +66.249.68.128/27 +66.249.68.160/27 +66.249.68.192/27 +66.249.68.32/27 +66.249.68.64/27 +66.249.68.96/27 +66.249.69.0/27 +66.249.69.128/27 +66.249.69.160/27 +66.249.69.192/27 +66.249.69.224/27 +66.249.69.32/27 +66.249.69.64/27 +66.249.69.96/27 +66.249.70.0/27 +66.249.70.128/27 +66.249.70.160/27 +66.249.70.192/27 +66.249.70.224/27 +66.249.70.32/27 +66.249.70.64/27 +66.249.70.96/27 +66.249.71.0/27 +66.249.71.128/27 +66.249.71.160/27 +66.249.71.192/27 +66.249.71.224/27 +66.249.71.32/27 +66.249.71.64/27 +66.249.71.96/27 +66.249.72.0/27 +66.249.72.128/27 +66.249.72.160/27 +66.249.72.192/27 +66.249.72.224/27 +66.249.72.32/27 +66.249.72.64/27 +66.249.73.0/27 +66.249.73.128/27 +66.249.73.160/27 +66.249.73.192/27 +66.249.73.224/27 +66.249.73.32/27 +66.249.73.64/27 +66.249.73.96/27 +66.249.74.0/27 +66.249.74.128/27 +66.249.74.160/27 +66.249.74.192/27 +66.249.74.224/27 +66.249.74.32/27 +66.249.74.64/27 +66.249.74.96/27 +66.249.75.0/27 +66.249.75.128/27 +66.249.75.160/27 +66.249.75.192/27 +66.249.75.224/27 +66.249.75.32/27 +66.249.75.64/27 +66.249.75.96/27 +66.249.76.0/27 +66.249.76.128/27 +66.249.76.160/27 +66.249.76.192/27 +66.249.76.224/27 +66.249.76.32/27 +66.249.76.64/27 +66.249.76.96/27 +66.249.77.0/27 +66.249.77.128/27 +66.249.77.160/27 +66.249.77.192/27 +66.249.77.224/27 +66.249.77.32/27 +66.249.77.64/27 +66.249.77.96/27 +66.249.78.0/27 +66.249.78.128/27 +66.249.78.160/27 +66.249.78.32/27 +66.249.78.64/27 +66.249.78.96/27 +66.249.79.0/27 +66.249.79.128/27 +66.249.79.160/27 +66.249.79.192/27 +66.249.79.224/27 +66.249.79.32/27 +66.249.79.64/27 +2001:4860:4801:10::/64 +2001:4860:4801:12::/64 +2001:4860:4801:13::/64 +2001:4860:4801:14::/64 +2001:4860:4801:15::/64 +2001:4860:4801:16::/64 +2001:4860:4801:17::/64 +2001:4860:4801:18::/64 +2001:4860:4801:19::/64 +2001:4860:4801:1a::/64 +2001:4860:4801:1b::/64 +2001:4860:4801:1c::/64 +2001:4860:4801:1d::/64 +2001:4860:4801:1e::/64 +2001:4860:4801:1f::/64 +2001:4860:4801:20::/64 +2001:4860:4801:21::/64 +2001:4860:4801:22::/64 +2001:4860:4801:23::/64 +2001:4860:4801:24::/64 +2001:4860:4801:25::/64 +2001:4860:4801:26::/64 +2001:4860:4801:27::/64 +2001:4860:4801:28::/64 +2001:4860:4801:29::/64 +2001:4860:4801:2::/64 +2001:4860:4801:2a::/64 +2001:4860:4801:2b::/64 +2001:4860:4801:2c::/64 +2001:4860:4801:2d::/64 +2001:4860:4801:2e::/64 +2001:4860:4801:2f::/64 +2001:4860:4801:30::/64 +2001:4860:4801:31::/64 +2001:4860:4801:32::/64 +2001:4860:4801:33::/64 +2001:4860:4801:34::/64 +2001:4860:4801:35::/64 +2001:4860:4801:36::/64 +2001:4860:4801:37::/64 +2001:4860:4801:38::/64 +2001:4860:4801:39::/64 +2001:4860:4801:3a::/64 +2001:4860:4801:3b::/64 +2001:4860:4801:3c::/64 +2001:4860:4801:3d::/64 +2001:4860:4801:3e::/64 +2001:4860:4801:3f::/64 +2001:4860:4801:40::/64 +2001:4860:4801:41::/64 +2001:4860:4801:42::/64 +2001:4860:4801:44::/64 +2001:4860:4801:45::/64 +2001:4860:4801:46::/64 +2001:4860:4801:47::/64 +2001:4860:4801:48::/64 +2001:4860:4801:49::/64 +2001:4860:4801:4a::/64 +2001:4860:4801:4b::/64 +2001:4860:4801:4c::/64 +2001:4860:4801:4d::/64 +2001:4860:4801:4e::/64 +2001:4860:4801:50::/64 +2001:4860:4801:51::/64 +2001:4860:4801:52::/64 +2001:4860:4801:53::/64 +2001:4860:4801:54::/64 +2001:4860:4801:55::/64 +2001:4860:4801:56::/64 +2001:4860:4801:57::/64 +2001:4860:4801:58::/64 +2001:4860:4801:59::/64 +2001:4860:4801:60::/64 +2001:4860:4801:61::/64 +2001:4860:4801:62::/64 +2001:4860:4801:63::/64 +2001:4860:4801:64::/64 +2001:4860:4801:65::/64 +2001:4860:4801:66::/64 +2001:4860:4801:67::/64 +2001:4860:4801:68::/64 +2001:4860:4801:69::/64 +2001:4860:4801:6a::/64 +2001:4860:4801:6b::/64 +2001:4860:4801:6c::/64 +2001:4860:4801:6d::/64 +2001:4860:4801:6e::/64 +2001:4860:4801:6f::/64 +2001:4860:4801:70::/64 +2001:4860:4801:71::/64 +2001:4860:4801:72::/64 +2001:4860:4801:73::/64 +2001:4860:4801:74::/64 +2001:4860:4801:75::/64 +2001:4860:4801:76::/64 +2001:4860:4801:77::/64 +2001:4860:4801:78::/64 +2001:4860:4801:79::/64 +2001:4860:4801:7a::/64 +2001:4860:4801:7b::/64 +2001:4860:4801:7c::/64 +2001:4860:4801:7d::/64 +2001:4860:4801:80::/64 +2001:4860:4801:81::/64 +2001:4860:4801:82::/64 +2001:4860:4801:83::/64 +2001:4860:4801:84::/64 +2001:4860:4801:85::/64 +2001:4860:4801:86::/64 +2001:4860:4801:87::/64 +2001:4860:4801:88::/64 +2001:4860:4801:90::/64 +2001:4860:4801:91::/64 +2001:4860:4801:92::/64 +2001:4860:4801:93::/64 +2001:4860:4801:94::/64 +2001:4860:4801:95::/64 +2001:4860:4801:96::/64 +2001:4860:4801:97::/64 +2001:4860:4801:a0::/64 +2001:4860:4801:a1::/64 +2001:4860:4801:a2::/64 +2001:4860:4801:a3::/64 +2001:4860:4801:a4::/64 +2001:4860:4801:a5::/64 +2001:4860:4801:a6::/64 +2001:4860:4801:a7::/64 +2001:4860:4801:a8::/64 +2001:4860:4801:a9::/64 +2001:4860:4801:aa::/64 +2001:4860:4801:ab::/64 +2001:4860:4801:ac::/64 +2001:4860:4801:ad::/64 +2001:4860:4801:ae::/64 +2001:4860:4801:b0::/64 +2001:4860:4801:b1::/64 +2001:4860:4801:b2::/64 +2001:4860:4801:b3::/64 +2001:4860:4801:b4::/64 +2001:4860:4801:b5::/64 +2001:4860:4801:b6::/64 +2001:4860:4801:c::/64 +2001:4860:4801:f::/64 diff --git a/excludes/my.txt b/excludes/my.txt index 66bc421..331f79c 100644 --- a/excludes/my.txt +++ b/excludes/my.txt @@ -1,2 +1,3 @@ -# In this file, you should put the IPs you don't want blocked. -# One IP/range per line. +# In this file, place the IPs you do not want blocked. One IP/range per line. +127.0.0.0/8 +::1/128 diff --git a/fortress-block.sh b/fortress-block.sh index b39ad2f..a4e9e1e 100755 --- a/fortress-block.sh +++ b/fortress-block.sh @@ -1,9 +1,28 @@ #!/bin/bash + +# fortress-block.sh +# Copyright (C) 2023 Marian Marinov +# IP blocker for Fortress. https://github.com/hackman/Fortress + +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, see +# . + config=/etc/fortress/fortress.conf if [[ ! -f $config ]]; then - echo "Missing configuration file: $config" - exit + echo "Missing configuration file: $config" + exit 1 fi redirect_ip=$(awk -F= '/redirect_ip/ && $1 !~ /^\s*#/ {print $2}' $config) block_type=$( awk -F= '/block_type/ && $1 !~ /^\s*#/ {print $2}' $config) @@ -13,74 +32,75 @@ ip='' comment='' if [[ $# -eq 0 ]]; then - echo "Usage: $0 IP [comment]" - exit + echo "Usage: $0 IP [comment]" + exit 1 fi if [[ ! $1 =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then - echo "Error: invalid IP format" - exit + echo "Error: Invalid IP format." + exit 1 fi # Parameters: # 1 - IP # 2 - Comment ipset_block() { - ip=$1 - shift - ipset_name=$( awk -F= '/ipset_name/ && $1 !~ /^\s*#/ {print $2}' $config) - if [[ -z $ipset_name ]]; then - echo -e "Error: unable to find ipset_name in $config.\nPlease check the configuration and try again.\n" - exit - fi - if [[ -n $1 ]]; then - ipset add $ipset_name $ip comment "$*" timeout $block_time - else - ipset add $ipset_name $ip - fi + ip=$1 + shift + ipset_name=$( awk -F= '/ipset_name/ && $1 !~ /^\s*#/ {print $2}' $config) + if [[ -z $ipset_name ]]; then + echo "Error: Unable to find ipset_name in $config." + echo -e "Please check the configuration and try again.\n" + exit + fi + if [[ -n $1 ]]; then + ipset add "$ipset_name" "$ip" comment "$*" timeout "$block_time" + else + ipset add "$ipset_name" "$ip" + fi } # Parameters: # 1 - IP # 2 - Comment iptables_block() { - ip=$1 - shift - chain=INPUT - chain_name=$( awk -F= '/chain_name/ && $1 !~ /^\s*#/ {print $2}' $config) - if [[ -n $chain_name ]]; then - chain=$chain_name - fi - if [[ -n $1 ]]; then - iptables -I $chain -j DROP -s $ip -m comment --comment "$*" - else - iptables -I $chain -j DROP -s $ip - fi + ip=$1 + shift + chain=INPUT + chain_name=$( awk -F= '/chain_name/ && $1 !~ /^\s*#/ {print $2}' $config) + if [[ -n $chain_name ]]; then + chain=$chain_name + fi + if [[ -n $1 ]]; then + iptables -I "$chain" -j DROP -s "$ip" -m comment --comment "$*" + else + iptables -I "$chain" -j DROP -s "$ip" + fi } # Parameters: # 1 - IP redirection() { - if [[ -z $redirect_ip ]]; then - echo "No redirect IP defined. Quiting without redirection." - exit 1 - fi - iptables -t nat -A PREROUTING -j DNAT -s $1 -p tcp --dport 80 --to $redirect_ip - iptables -t nat -A PREROUTING -j DNAT -s $1 -p tcp --dport 443 --to $redirect_ip - iptables -t nat -A PREROUTING -j DNAT -s $1 -p udp --dport 443 --to $redirect_ip + if [[ -z $redirect_ip ]]; then + echo "No redirect IP defined. Quiting without redirection." + exit 1 + fi + iptables -t nat -A PREROUTING -j DNAT -s "$1" -p tcp --dport 80 --to "$redirect_ip" + iptables -t nat -A PREROUTING -j DNAT -s "$1" -p tcp --dport 443 --to "$redirect_ip" + iptables -t nat -A PREROUTING -j DNAT -s "$1" -p udp --dport 443 --to "$redirect_ip" } case "$block_type" in - ipset) - ipset_block $* - ;; - iptables) - iptables_block $* - ;; - redirect) - redirection $* - ;; - *) - echo "Error: unsupported block type in the configuration $config" - ;; + ipset) + ipset_block "$*" + ;; + iptables) + iptables_block "$*" + ;; + redirect) + redirection "$*" + ;; + *) + echo "Error: Unsupported block type in the configuration $config" + ;; esac diff --git a/fortress-centos7.spec b/fortress-centos7.spec index ed97d3f..87e501e 100644 --- a/fortress-centos7.spec +++ b/fortress-centos7.spec @@ -2,7 +2,7 @@ Name: fortress Version: 1.0 Release: 3 Summary: Fortress connection monitoring and protection -License: GPLv2 +License: GPL-2.0-or-later URL: https://github.com/hackman/Fortress Source0: %{name}-%{version}.tgz BuildArch: noarch @@ -12,10 +12,9 @@ Provides: fortress AutoReqProv: no %description -This package provides the Fortress connection monitoring and -protection system. -It monitors TCP and UDP connections and automaticaly blocks -and unblocks IPs that may put the machine at risk. +This package provides the Fortress connection monitoring and protection system. +It monitors TCP and UDP connections and automaticaly blocks and unblocks IPs +that may put the machine at risk. %prep %setup -q diff --git a/fortress-install.sh b/fortress-install.sh new file mode 100755 index 0000000..b58bf4a --- /dev/null +++ b/fortress-install.sh @@ -0,0 +1,173 @@ +#!/bin/bash + +# fortress-install.sh +# Copyright (C) 2026 Michael McMahon +# Installer for Fortress. https://github.com/hackman/Fortress + +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, see +# . + +set -euo pipefail +#set -euxo pipefail # DEBUG + +echo "This script installs and configures Fortress for iptables or ipset." +echo "https://github.com/hackman/Fortress" + +# Initialization checks. + +# Check for /bin/bash. +if [ "$BASH_VERSION" = '' ]; then + echo "You are not using bash." + echo "Use this syntax instead:" + echo " sudo bash fortress-install.sh" + exit 1 +fi + +# Check for root. +if [[ $EUID -ne 0 ]]; then + echo "This script must be run as root." + exit 1 +fi + +# Create config directory. +echo "Creating fortress directories..." +mkdir -p /etc/fortress +mkdir -p /usr/share/fortress +mkdir -p /usr/lib/fortress +mkdir -p /var/log/fortress +mkdir -p /var/run/fortress +mkdir -p /var/cache/fortress +mkdir -p /etc/systemd/system + +# Copy configuration files. +echo "Copying configuration files..." +config="/etc/fortress/fortress.conf" +cp fortress.conf "$config" +# Copy exclude files. +cp excludes/baidu.txt /etc/fortress/ +cp excludes/bingbot.txt /etc/fortress/ +cp excludes/cloudflare.txt /etc/fortress/ +cp excludes/google.txt /etc/fortress/ +cp excludes/msnbot.txt /etc/fortress/ +cp excludes/my.txt /etc/fortress/ +cp excludes/yahoo.txt /etc/fortress/ +cp excludes/yandex.txt /etc/fortress/ +# Copy LICENSE file. +cp LICENSE /usr/share/fortress + +# Check dependencies. +# Mandatory: Perl's Net::Patricia module +# For package names across operating systems reference: +# https://repology.org/project/perl%3Anet-patricia/versions +# Optional: ipset +# For package names across operating systems reference: +# https://repology.org/project/ipset/versions + +# Enable ipset configuration if present. +echo "Checking if ipset is installed..." +ipsetpresent=0 +package="ipset" +# Check if dpkg is present. +if command -v dpkg >/dev/null 2>&1; then + # Check if ipset is present. + if dpkg -s $package >/dev/null 2>&1; then + ipsetpresent=1 + echo "$package is installed." + fi + echo "Checking if libnet-patricia-perl is installed..." + if dpkg -s libnet-patricia-perl >/dev/null 2>&1; then + echo "libnet-patricia-perl is installed." + else + echo "Attempting to install the libnet-patricia-perl dependency..." + apt-get install -y libnet-patricia-perl + fi +fi +# Check if rpm is present. +if command -v rpm >/dev/null 2>&1; then + # Check if ipset is present. + if rpm -q $package >/dev/null 2>&1; then + echo "$package is installed." + fi + echo "Checking if perl-Net-Patricia is installed..." + if rpm -q perl-Net-Patricia >/dev/null 2>&1; then + echo "perl-Net-Patricia is installed." + else + echo "Attempting to install the perl-Net-Patricia dependency..." + if command -v yum >/dev/null 2>&1; then + yum install -y perl-Net-Patricia + fi + if command -v dnf >/dev/null 2>&1; then + dnf install -y perl-Net-Patricia + fi + if command -v zypper >/dev/null 2>&1; then + zypper install -y perl-Net-Patricia + fi + fi +fi +if [ $ipsetpresent = 1 ]; then + echo "Enabling ipset configuration..." + sed -i 's/block_type=iptables/block_type=ipset/g' "$config" + sed -i 's/#ipset_name=blocklist/ipset_name=fortress/g' "$config" + echo "Note: Some additional steps are required to create the ipset and add" + echo "the ipset to iptables." +else + echo "ipset was not found with rpm or dpkg. The iptables configuration is" + echo "the default and is currently applied. If you want Fortress to block" + echo "with ipset, install the ipset package and run this script again." +fi +echo "If you want the redirection configuration, manual steps will need to be" +echo "taken to configure the redirection and setup the secondary server." + +# Install Fortress scripts. +echo "Installing Fortress scripts..." +cp fortress.pl /usr/sbin/fortress +# These chmod entries should not be necessary, but they could be useful if +# someone places these files in a NTFS partition first. +chmod +x /usr/sbin/fortress +cp fortress-unblock.sh /usr/sbin/fortress-unblock +chmod +x /usr/sbin/fortress-unblock +cp fortress-block.sh /usr/sbin/fortress-block +chmod +x /usr/sbin/fortress-block + +# SystemD +echo "Configuring systemd..." +# Install the service file. +cp fortress.service /etc/systemd/system/ +# Reload systemctl. +systemctl daemon-reload +# Starting fortress service +systemctl start fortress + +# Check if Fortress works. +echo "Checking if fortress started successfully..." + +if ! systemctl is-active --quiet fortress ; then + echo "Fortress failed to start. Troubleshooting is required. The following" + echo "text is the output of this command:" + echo ' journalctl -u fortress.service --since="today" --no-pager' + journalctl -u fortress.service --since="today" --no-pager + echo "Stopping Fortress service." + systemctl stop fortress + echo "Disabling Fortress service." + systemctl disable fortress + echo "Fortress failed to start." + exit 1 +else + # Enable fortress service + systemctl enable fortress + echo "If all commands were successful and all dependencies were met, fortress" + echo "should be running now and should start automatically after you reboot." +fi + +exit 0 diff --git a/fortress-unblock.sh b/fortress-unblock.sh index e71146a..645e867 100755 --- a/fortress-unblock.sh +++ b/fortress-unblock.sh @@ -1,9 +1,28 @@ #!/bin/bash + +# fortress-unblock.sh +# Copyright (C) 2023 Marian Marinov +# IP unblocker for Fortress. https://github.com/hackman/Fortress + +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, see +# . + config=/etc/fortress/fortress.conf if [[ ! -f $config ]]; then - echo "Missing configuration file: $config" - exit + echo "Missing configuration file: $config" + exit fi redirect_ip=$(awk -F= '/redirect_ip/ && $1 !~ /^\s*#/ {print $2}' $config) block_type=$( awk -F= '/block_type/ && $1 !~ /^\s*#/ {print $2}' $config) @@ -12,70 +31,71 @@ ip='' comment='' if [[ $# -eq 0 ]]; then - echo "Usage: $0 IP [comment]" - exit + echo "Usage: $0 IP [comment]" + exit fi if [[ ! $1 =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then - echo "Error: invalid IP format" - exit + echo "Error: Invalid IP format." + exit 1 fi # Parameters: # 1 - IP # 2 - Comment ipset_unblock() { - ip=$1 - shift - ipset_name=$( awk -F= '/ipset_name/ && $1 !~ /^\s*#/ {print $2}' $config) - if [[ -z $ipset_name ]]; then - echo -e "Error: unable to find ipset_name in $config.\nPlease check the configuration and try again.\n" - exit - fi - ipset del $ipset_name $ip 2>/dev/null + ip=$1 + shift + ipset_name=$( awk -F= '/ipset_name/ && $1 !~ /^\s*#/ {print $2}' $config) + if [[ -z $ipset_name ]]; then + echo "Error: Unable to find ipset_name in $config." + echo -e "Please check the configuration and try again.\n" + exit 1 + fi + ipset del "$ipset_name" "$ip" 2>/dev/null } # Parameters: # 1 - IP # 2 - Comment iptables_unblock() { - ip=$1 - shift - chain=INPUT - chain_name=$( awk -F= '/chain_name/ && $1 !~ /^\s*#/ {print $2}' $config) - if [[ -n $chain_name ]]; then - chain=$chain_name - fi - if [[ -n $1 ]]; then - iptables -D $chain -j DROP -s $ip -m comment --comment "$*" - else - iptables -D $chain -j DROP -s $ip - fi + ip=$1 + shift + chain=INPUT + chain_name=$( awk -F= '/chain_name/ && $1 !~ /^\s*#/ {print $2}' $config) + if [[ -n $chain_name ]]; then + chain=$chain_name + fi + if [[ -n $1 ]]; then + iptables -D "$chain" -j DROP -s "$ip" -m comment --comment "$*" + else + iptables -D "$chain" -j DROP -s "$ip" + fi } # Parameters: # 1 - IP redirection() { - if [[ -z $redirect_ip ]]; then - echo "No redirect IP defined. Quiting without redirection." - exit 1 - fi - iptables -t nat -D PREROUTING -j DNAT -s $1 -p tcp --dport 80 --to $redirect_ip - iptables -t nat -D PREROUTING -j DNAT -s $1 -p tcp --dport 443 --to $redirect_ip - iptables -t nat -D PREROUTING -j DNAT -s $1 -p udp --dport 443 --to $redirect_ip + if [[ -z $redirect_ip ]]; then + echo "No redirect IP defined. Quiting without redirection." + exit 1 + fi + iptables -t nat -D PREROUTING -j DNAT -s "$1" -p tcp --dport 80 --to "$redirect_ip" + iptables -t nat -D PREROUTING -j DNAT -s "$1" -p tcp --dport 443 --to "$redirect_ip" + iptables -t nat -D PREROUTING -j DNAT -s "$1" -p udp --dport 443 --to "$redirect_ip" } case "$block_type" in - ipset) - ipset_unblock $* - ;; - iptables) - iptables_unblock $* - ;; - redirect) - redirection $* - ;; - *) - echo "Error: unsupported block type in the configuration $config" - ;; + ipset) + ipset_unblock "$*" + ;; + iptables) + iptables_unblock "$*" + ;; + redirect) + redirection "$*" + ;; + *) + echo "Error: Unsupported block type in the configuration $config" + ;; esac diff --git a/fortress.conf b/fortress.conf index af4ef3a..0038652 100644 --- a/fortress.conf +++ b/fortress.conf @@ -1,41 +1,45 @@ -# +# # Fortress configuration # -# turn on/of the debugging of the daemon +# Turn on/off the debugging of the daemon. debug=0 -# if you don't run Fortress as systemd service, you most likely want fortress running as daemon +# If you do not run Fortress as systemd service, you most likely want fortress +# running as daemon. daemonize=0 # Exclude IPs or ranges from being blocked -# The files have one IP or CIDR range per line and can have comments with # at the begining of the line. -# You have many lists prepared for you in /etc/fortress. +# The files have one IP or CIDR range per line and can have comments with # at +# the begining of the line. You have many lists prepared for you in the +# /etc/fortress directory. excludes="/etc/fortress/cloudflare.txt /etc/fortress/google.txt /etc/fortress/yahoo.txt /etc/fortress/my.txt" -# On which ports should we monitor for connections in SYN_RECV or ESTABLISHED states. -# Anything other then these local ports is skipped. -# Default: 80 443 +# On which ports should we monitor for connections in SYN_RECV or ESTABLISHED +# states? Anything other then these local ports is skipped. Default: 80 443 ports=25 53 80 110 143 443 993 995 # Type of blocking you want to do: -# iptables - using iptables to block the offending IP. You may also uncomment the chain_name option. -# If chain_name is not defined INPUT will be used. -# ipset - using IPsets to block the offending IP. You also have to uncomment ipset_name option. -# redirect - in this setup, traffic to web will be redirected to an IP using DNAT. For this type -# you also need to set redirect_ip +# iptables - Use iptables to block the offending IP. You may also uncomment the +# chain_name option. If chain_name is not defined INPUT will be +# used. +# ipset - Use IPsets to block the offending IP. You also have to uncomment +# ipset_name option. +# redirect - In this setup, traffic to web will be redirected to an IP using +# DNAT. For this type you also need to set redirect_ip and configure +# another server to run the other page. block_type=iptables #ipset_name=blocklist #chain_name=block #redirect_ip=127.0.0.1 -# Path to the scripts used for blocking and unblocking of offending IPs +# Path to the scripts used for blocking and unblocking of offending IPs. block_script=/usr/sbin/fortress-block -# When using ipset with automatic expire, unblock script is not needed +# When using ipset with automatic expire, unblock script is not needed. unblock_script=/usr/sbin/fortress-unblock -# Blocked time in seconds. -# Default: 900sec(15min) +# Blocked time in seconds. +# Default: 900sec (15min) block_time=900 ## Connection count configuration @@ -53,7 +57,8 @@ high_conns=20 low_syn_recv_conns=50 high_syn_recv_conns=25 -# File that stores the list of last blocked IPs before last service interruption. +# File that stores the list of last blocked IPs before last service +# interruption. store_db=/var/cache/fortress/ip.db # File locations diff --git a/fortress.pl b/fortress.pl index 5efea21..8d55bc1 100755 --- a/fortress.pl +++ b/fortress.pl @@ -1,4 +1,23 @@ #!/usr/bin/perl + +# fortress.pl +# Copyright (C) 2023 Marian Marinov +# IP detector for Fortress. https://github.com/hackman/Fortress + +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, see +# . + use strict; use warnings; use POSIX qw(strftime setsid); @@ -18,15 +37,17 @@ my $config_path = '/etc/fortress/fortress.conf'; my $excludes = new Net::Patricia; my $load = 0; +my $ipset_name = ''; open my $conf_file, '<', $config_path or die "Error: Cannot open configuration file($config_path): $!"; -# Read the configuration file, by skipping all lines that start with # and remove any quotes +# Read the configuration file, by skipping all lines that start with # and +# remove any quotes. while (my $line = <$conf_file>) { - next if ($line !~ /^\s*\w/); - $line =~ s/[\s\r\n]*$//g; - $line =~ s/['"]*$//g; - my ($key, $val) = split /=/, $line, 2; - $config{$key} = $val; + next if ($line !~ /^\s*\w/); + $line =~ s/[\s\r\n]*$//g; + $line =~ s/['"]*$//g; + my ($key, $val) = split /=/, $line, 2; + $config{$key} = $val; } close $conf_file; @@ -70,17 +91,17 @@ sub block_ip { my $blocked_ref = shift; my $ip = shift; my $msg = shift; - return if (exists $blocked_ref->{$ip}); # already blocked + return if (exists $blocked_ref->{$ip}); # Already blocked. logger($conf_ref, $msg); - + $blocked_ref->{$ip}=time(); system($conf_ref->{'block_script'}, $ip, $msg); } sub get_local_ips { my $excluded_ref = shift; - open my $ips, '-|', '/usr/sbin/ip -4 a l'; + open my $ips, '-|', '/sbin/ip -4 a l'; while(my $line = <$ips>) { if ($line =~ /inet ([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)\/[0-9]+/) { $excluded_ref->add_string($1, 'local'); @@ -90,7 +111,52 @@ sub get_local_ips { return; } -# Make sure none of the local IPs on the machine gets accidentally blocked +sub run_setup_command { + my( $action, $errstring, $command ) = @_; + + warn qq(info: running $action with # $command\n); + die qq(failed to $action; $errstring; $!) if system( $command ); +} + +sub try_setup_command { + my( $action, $command ) = @_; + + warn qq(info: probing for $action with # $command\n); + system( qq($command >/dev/null 2>&1) ); +} + +# ipset bootstrapping +if( $config{'block_type'} eq 'ipset' ) { + # Take ipset name from $config{'ipset_name'} when defined otherwise use + # "fortressv4" as a default ipset name. + $ipset_name = $config{'ipset_name'} || 'fortressv4'; + + # Add ipset using -exist to prevent errors when it already exists. + my $ipset_create_command = + qq(ipset -exist -N $ipset_name hash:net family inet maxelem 100000); + # iptables command are modified to create "probing" versions. + my @iptables_cmds = ( + qq[iptables -I INPUT -m set --match-set $ipset_name src -j DROP], + qq[iptables -I FORWARD -m set --match-set $ipset_name src -j DROP] + ); + + run_setup_command( + 'create ipset', + 'fix this issue or try another block_type', + $ipset_create_command + ); + + for my$cmds (@iptables_cmds) { # + # Make a test version (-C) to avoid duplicating iptables entries. + my $testcmds = $cmds; + $testcmds =~ s/-I/-C/; + if(try_setup_command( 'iptable', $testcmds )) { + run_setup_command('iptable', 'check command manually for errors', $cmds); + } + } +} + +# Make sure none of the local IPs on the machine gets accidentally blocked. get_local_ips($excludes); if (exists $config{'exclude_files'} and $config{'exclude_files'} ne '') { @@ -118,15 +184,15 @@ sub get_local_ips { die "Error: missing block_script or $config{'block_script'} not executable\n"; } -# check if the daemon is running +# Check if the daemon is running. if ( -e $config{'pid_file'} ) { - # get the old pid + # Get the old pid. umask 077; open my $PIDFILE, '<', $config{'pid_file'} or die "Error: Can't open pid file(".$config{'pid_file'}."): $!\n"; $old_pid = <$PIDFILE>; close $PIDFILE; umask($umask); - # check if $old_pid is still running + # Check if $old_pid is still running. if ( $old_pid =~ /[0-9]+/ ) { if ( -d "/proc/$old_pid" ) { die "Error: Fortress is already running!\n"; @@ -164,11 +230,11 @@ sub get_local_ips { $config{'ports'} = '80 443'; } -# Convert the port numbers to hex and put them in a hash +# Convert the port numbers to hex and put them in a hash. %ports = map { sprintf('%04X', $_) => 1 } split /\s+/, $config{'ports'}; -# This is used only to optimize the check in the loop later. -# This way we don't need to convert every hex port from the file to decimal. +# This is used only to optimize the check in the loop later. This way we do not +# need to convert every hex port from the file to decimal. my %monitored_states = ( '01' => 'ESTABLISHED', '03' => 'SYN_RECV' @@ -179,26 +245,29 @@ sub get_local_ips { logger(\%config, "Ports monitored: $config{'ports'}"); logger(\%config, "High load set to: $config{'high_load'}"); while (1) { - # Make sure we start the loop with empty values + # Make sure we start the loop with empty values. %established= (); %syn_sent = (); $counter++; - # We use a counter here, instead of actual times as it is more efficient. The counter is not so suffisticated, as - # the code, some times may not execute in less then 1sec. But we don't need high accuracy here. - clean_ips(\%config, $blocked_ips) if ($counter%10 == 0); # execute every 10th time (10sec) - $load = get_load(\%config) if ($counter%5 == 0); # get the current load every 5 seconds - $counter=0 if ($counter > 10000); # reset the counter to prevent comparison of very high numbers - store \%blocked, $config{'store_db'} if ($counter%120 == 0);# execute every 120th time (rufly every 120sec) + # We use a counter here, instead of actual times as it is more + # efficient. The counter is not so sophisticated, as the code, some + # times may not execute in less then 1 second. But we do not need high + # accuracy here. + clean_ips(\%config, $blocked_ips) if ($counter%10 == 0); # Execute every 10th time (10sec). + $load = get_load(\%config) if ($counter%5 == 0); # Get the current load every 5 seconds. + $counter=0 if ($counter > 10000); # Reset the counter to prevent comparison of very high numbers. + store \%blocked, $config{'store_db'} if ($counter%120 == 0); # Execute every 120th time (roughly every 120sec). my $conn_count = $config{'low_conns'}; my $syn_count = $config{'low_syn_recv_conns'}; - # We do this check here, otherwise we would need to do it in the loop, just before we check the $established count. + # We do this check here, otherwise we would need to do it in the loop, + # just before we check the $established count. if ($load > $config{'high_load'}) { $conn_count = $config{'high_conns'}; $syn_count = $config{'high_syn_recv_conns'}; } - # Collect the stats + # Collect the stats. open my $tcp, '<', '/proc/net/tcp' or die "Error: Failed to open /proc/net/tcp: $!"; while (<$tcp>) { # sl local_address rem_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode @@ -210,11 +279,13 @@ sub get_local_ips { my $remote_hex_port = $4; my $state = $5; - # Do not check states other then ESTABLISHED and SYN_RECV + # Do not check states other then ESTABLISHED and SYN_RECV. next if (!exists $monitored_states{$state}); - # The IP is written in reverse byte order, in hex. This converts each two hex chars into a number and at the end returns the dotted IPv4 format, that is expected. + # The IP is written in reverse byte order, in hex. This + # converts each two hex chars into a number and at the end + # returns the dotted IPv4 format, that is expected. my $ip = hex(substr($remote_hex_ip,6,2)) . '.' . hex(substr($remote_hex_ip,4,2)) . '.' . hex(substr($remote_hex_ip,2,2)) . '.' . hex(substr($remote_hex_ip,0,2)); - # Do not continue if the IP is in the excluded list + # Do not continue if the IP is in the excluded list. next if ($excludes->match_string($ip)); # States: @@ -223,19 +294,22 @@ sub get_local_ips { # 06 - TIME_WAIT # 08 - CLOSE_WAIT - # This is to catch smaller SYN flood attacks, usually dispersed between multiple source IPs. - # This should be checked no matter the load value. + # This is to catch smaller SYN flood attacks, usually dispersed + # between multiple source IPs. This should be checked no matter + # the load value. if ($state eq '03') { $syn_sent{$ip}++; } - # Check established conns, if the port is one of the ports configured to be monitored + # Check established conns, if the port is one of the ports + # configured to be monitored. if ($state eq '01' and exists $ports{$local_hex_port}) { $established{$ip}++; } } # read /proc/net/tcp - # Check if we need to block any IP. We do it here and not in the above loop, so we know what was the actual number of conns from the IP. + # Check if we need to block any IP. We do it here and not in the above + # loop, so we know what was the actual number of conns from the IP. while (my ($ip, $conns) = each(%syn_sent)) { if ($syn_sent{$ip} > $syn_count) { block_ip(\%config, $blocked_ips, $ip, "Blocking IP $ip for having more then $syn_count($syn_sent{$ip}) SYN_RECV connections"); diff --git a/fortress.service b/fortress.service index 5a49d68..7fe12e4 100644 --- a/fortress.service +++ b/fortress.service @@ -3,7 +3,7 @@ Description=Fortress connection blocking service After=network.target [Service] -# Disable OOM kill for this process +# Disable OOM kill for this process. OOMScoreAdjust=-1000 ExecStart=/usr/sbin/fortress TimeoutSec=15