- <#
- .SYNOPSIS
- - Invoke-WebRequest https://www.microsoft.com/en-us/download/confirmation.aspx?id=41653
- - looks for 'Click Here' (manual download link)
- - loads download into xml variable
- - outputs lists of Azure DC subnets in various formats
- .Version 0.3
- .DESCRIPTION
- This is based on the script found here: https://gallery.technet.microsoft.com/scriptcenter/Powershell-script-to-6cc03244 modified to output in a couple of useful formats
- .SYNTAX
- Get-AzureSubnets -Format <Default|Raw|Fortinet> -Interface <String to use for Fortigate associated-interface>
- .NOTES
- File Name : Get-AzureSubnets.ps1
- Author : sam.firth@codeblue.co.nz
- #>
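# Script parameters:
#   -Format    : which output function to run (Default, Raw or Fortinet).
#   -Interface : string written after "set associated-interface" in Fortinet output.
param ([string]$Format = "Default", [string]$Interface = "all")

#Grab the XML from MS
# The confirmation page is scraped for its manual "Click here" download link.
# NOTE(review): Microsoft has since moved to other publication formats for Azure
# ranges; confirm this page still serves current data before relying on it.
$AzureIPRangesPage = Invoke-WebRequest -Uri "https://www.microsoft.com/en-us/download/confirmation.aspx?id=41653" -Method Get -UseBasicParsing

# Take the first matching link explicitly. Indexing ".href[0]" returns the first
# *character* of the URL whenever exactly one link matches, because .href is then
# a single string rather than an array.
$DownloadUrl = $AzureIPRangesPage.Links |
    Where-Object { $_.outerHTML -like "*Click here*" } |
    Select-Object -First 1 -ExpandProperty href

if ([string]::IsNullOrWhiteSpace($DownloadUrl))
{
    throw "No 'Click here' download link was found on the confirmation page."
}

# The downloaded list ends up in firewall policy, so only follow the scraped link
# when it is an absolute HTTPS URL on a Microsoft host.
# NOTE(review): the host suffix is a conservative allow-list; adjust it if
# Microsoft serves the file from another domain.
$DownloadUri = [Uri]$DownloadUrl
if (-not $DownloadUri.IsAbsoluteUri -or $DownloadUri.Scheme -ne "https" -or $DownloadUri.Host -notlike "*.microsoft.com")
{
    throw "Refusing to download Azure IP ranges from unexpected location: $DownloadUrl"
}

[XML]$AzureIPRanges = Invoke-RestMethod -Uri $DownloadUri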
#This is the original output from drew's script; this script gives identical output if no arguments are given
Function Default
{
    # Prints each region name in yellow, then that region's subnets, then a
    # white separator line. Everything goes to the host via Write-Host, so
    # nothing is emitted on the output pipeline.
    # Reads the script-level $AzureIPRanges document.
    Foreach ($region in $Azureipranges.AzurePublicIpAddresses.region)
    {
        Write-Host -Object $region.name -ForegroundColor Yellow

        $regionSubnets = $region.iprange.subnet
        Foreach ($entry in $regionSubnets)
        {
            Write-Host -Object $entry
        }

        Write-Host -Object "---------------------" -ForegroundColor White
    }
}
#Raw list of subnets, one per line
Function Raw
{
    # Emits every subnet string from every region onto the output pipeline,
    # in document order, with no headers or separators.
    # Reads the script-level $AzureIPRanges document.
    Foreach ($region in $Azureipranges.AzurePublicIpAddresses.region)
    {
        $regionSubnets = $region.iprange.subnet
        Foreach ($entry in $regionSubnets)
        {
            # A bare expression is written to the pipeline, same as Write-Output.
            $entry
        }
    }
}
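#Output formatted for Fortigate firewalls
Function Fortinet
{
    # Emits FortiOS CLI text on the output pipeline:
    #   1. one "config firewall address" section per region, with an address
    #      object named azure-<region>-<NNN> for each subnet;
    #   2. one or more "config firewall addrgrp" sections that collect every
    #      address object into the group "Azure IPs".
    # Reads the script-level $AzureIPRanges document and $Interface parameter.
    #
    # Region names and subnets come from a downloaded file and are written
    # straight into firewall commands, so anything that is not a plain
    # name / IPv4 CIDR is skipped with a warning instead of being emitted.
    # NOTE(review): the subnet pattern accepts IPv4 CIDR only - extend it if
    # the feed ever carries IPv6 ranges.
    $namePattern = '^[A-Za-z0-9_.-]+$'
    $subnetPattern = '^\d{1,3}(\.\d{1,3}){3}/\d{1,2}$'

    $members = New-Object 'System.Collections.Generic.List[string]'

    Foreach ($iprange in $Azureipranges.AzurePublicIpAddresses.region)
    {
        $regionName = [string]$iprange.name
        if ($regionName -notmatch $namePattern)
        {
            Write-Warning "Skipping region with unexpected name: '$regionName'"
            continue
        }

        $count = 1
        Write-Output "config firewall address"
        Foreach ($ipsubnet in $iprange.iprange.subnet)
        {
            if ([string]$ipsubnet -notmatch $subnetPattern)
            {
                Write-Warning "Skipping unexpected subnet value in region '$regionName': '$ipsubnet'"
                continue
            }

            # Zero-padded per-region counter, e.g. azure-europewest-001
            $name = "azure-" + $regionName + "-" + ("{0:000}" -f $count)
            Write-Output "edit $name"
            Write-Output "set associated-interface ""$Interface"""
            Write-Output "set subnet $ipsubnet"
            Write-Output "next"
            $count++
            $members.Add("`"$name`"")
        }
        Write-Output "end"
    }

    # Fortigate only accepts 300 Members in a single statement.
    # The first statement uses "set member" (which replaces the group's
    # members); every later one uses "append member". Repeating "set member"
    # would leave only the final chunk in the group. Walking the list by
    # offset also keeps the trailing element when the total is 301, 601, ...
    # and emits no group at all when there are no members.
    $chunkSize = 300
    for ($start = 0; $start -lt $members.Count; $start += $chunkSize)
    {
        $length = [Math]::Min($chunkSize, $members.Count - $start)
        $chunk = $members.GetRange($start, $length) -join ' '
        $verb = if ($start -eq 0) { "set" } else { "append" }

        Write-Output "config firewall addrgrp"
        Write-Output "edit ""Azure IPs"""
        Write-Output "$verb member $chunk"
        Write-Output "next"
        Write-Output "end"
    }
}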
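#arg processing
# -eq compares strings case-insensitively, so "raw" and "RAW" both select Raw.
if ($Format -eq "Default") { Default }
elseif ($Format -eq "Fortinet") { Fortinet }
elseif ($Format -eq "Raw") { Raw }
else
{
    # Fail loudly: a mistyped format would otherwise produce empty output,
    # which is easy to miss when the result is piped into a firewall config.
    Write-Error "Unknown -Format '$Format'. Expected Default, Raw or Fortinet."
    exit 1
}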