Advertisement
Guest User

Untitled

a guest
Jul 18th, 2017
460
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <#  
  2. .SYNOPSIS  
  3.     - Invoke-WebRequest https://www.microsoft.com/en-us/download/confirmation.aspx?id=41653
  4.     - looks for 'Click Here' (manual download link)
  5.     - loads download into xml variable
  6.     - outputs lists of Azure DC subnets in various formats
  7.  
  8. .Version 0.3
  9.    
  10. .DESCRIPTION
  11.    This is based on the script found here: https://gallery.technet.microsoft.com/scriptcenter/Powershell-script-to-6cc03244 modified to output in a couple of useful formats
  12.  
  13. .SYNTAX
  14.     Get-AzureSubnets -Format <Default|Raw|Fortinet> -Interface <String to use for Fortigate associated-interface>
  15.  
  16. .NOTES  
  17.     File Name    : Get-AzureSubnets.ps1
  18.     Author       : sam.firth@codeblue.co.nz
  19. #>
  20.  
  21. param ([string]$Format = "Default", [string]$Interface = "all")
  22.  
  23.  
  24. #Grab the XML from MS
  25. $AzureIPRangesPage=Invoke-WebRequest -Uri https://www.microsoft.com/en-us/download/confirmation.aspx?id=41653 -Method Get -UseBasicParsing
  26. [XML]$AzureIPRanges=Invoke-RestMethod -uri ($AzureIPRangesPage.Links |Where {$_.outerhtml -like "*Click here*"}).href[0]
  27.  
  28.  
  29. #This is the original output from drew's script, this script will give identical output if no arguments are given
  30. Function Default
  31.     {
  32.     Foreach ($iprange in $Azureipranges.AzurePublicIpAddresses.region)
  33.         {
  34.         Write-Host $iprange.name -ForegroundColor Yellow
  35.         Foreach ($ipsubnet in $iprange.iprange.subnet)
  36.             {
  37.             Write-Host $ipsubnet
  38.             }
  39.         Write-Host "---------------------" -ForegroundColor White
  40.         }
  41. }
  42.  
  43. #Raw list of subnets, one per line
  44. Function Raw
  45.     {
  46.     Foreach ($iprange in $Azureipranges.AzurePublicIpAddresses.region)
  47.         {
  48.         Foreach ($ipsubnet in $iprange.iprange.subnet)
  49.             {
  50.             Write-Output $ipsubnet
  51.             }
  52.         }
  53. }
  54.  
  55. #Output formatted for Fortigate firewalls
  56. Function Fortinet
  57.     {
  58.     $group = [System.Collections.ArrayList]@()
  59.     Foreach ($iprange in $Azureipranges.AzurePublicIpAddresses.region)
  60.         {
  61.         $count=1
  62.         Write-Output "config firewall address"
  63.         Foreach ($ipsubnet in $iprange.iprange.subnet)
  64.             {
  65.             $name="azure-" + $iprange.name + "-" +  "{0:000}" -f $count
  66.             Write-Output "edit $name"
  67.             Write-Output "set associated-interface ""$Interface"""
  68.             Write-Output "set subnet $ipsubnet"
  69.             Write-Output "next"
  70.             $count ++
  71.             $group += "`"$name`""
  72.             }
  73.         Write-Output "end"
  74.         }
  75.    
  76.     # Fortigate only accepts 300 Members in a single statement
  77.     while ($group.Length -gt 1)
  78.         {
  79.         Write-Output "config firewall addrgrp"
  80.         Write-Output "edit ""Azure IPs"""
  81.         Write-Output "set member $($group[0..299])"
  82.         Write-Output "next"
  83.         Write-Output "end"
  84.         $edgecase = $group[-1]
  85.         $group = $group[300..($group.Length-1)]
  86.         }
  87.        
  88.         #This is here in case $group contained exactly 301 items on the last run
  89.         if ($edgecase -ne $group)
  90.             {
  91.             Write-Output "config firewall addrgrp"
  92.             Write-Output "edit ""Azure IPs"""
  93.             Write-Output "set member $group"
  94.             Write-Output "next"
  95.             Write-Output "end"
  96.             }
  97. }
  98.  
  99. #arg processing
  100. if ($Format -eq "Default") { Default }
  101. elseif ($Format -eq "Fortinet") { Fortinet }
  102. elseif ($Format -eq "Raw") { Raw }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement