Initial commit

8 files changed, 427 insertions, 0 deletions

diff --git a/aws-ipblocks-csv/.gitignore b/aws-ipblocks-csv/.gitignore
new file mode 100644
index 0000000..b512c09
--- /dev/null
+++ b/aws-ipblocks-csv/.gitignore
@@ -0,0 +1 @@
+node_modules
\ No newline at end of file
diff --git a/aws-ipblocks-csv/INSTALL.md b/aws-ipblocks-csv/INSTALL.md
new file mode 100644
index 0000000..5979a27
--- /dev/null
+++ b/aws-ipblocks-csv/INSTALL.md
@@ -0,0 +1,9 @@
+# Build Guide
+Run `npm install`. Distribute the files below.
+
+```
+index.html \
+index.js \
+worker.js \
+node_modules/csv-stringify/dist/esm/index.js
+```
diff --git a/aws-ipblocks-csv/README.md b/aws-ipblocks-csv/README.md
new file mode 100644
index 0000000..6b8cf8d
--- /dev/null
+++ b/aws-ipblocks-csv/README.md
@@ -0,0 +1,23 @@
+# AWS Public IP Address Ranges in CSV Format
+This is a neat little browser tool that downloads [the JSON
+file](https://ip-ranges.amazonaws.com/ip-ranges.json) and convert it to a CSV
+for better analysis with spreadsheet software. If you're annoyed because they
+only provide it in JSON and don't want to code to make sense of the data, you've
+come to the right place!
+
+The JSON data is probably for anyone who is affected by the Amazon's IP address
+changes, namely network admins who have to configure their firewalls for AWS
+traffic. Technically speaking, the data is not meant to be consumed by humans,
+but I personally had to consume it for [my hobby self-hosting
+project](https://gist.github.com/ashegoulding/72a8732d4a1679c343f84fc985ca8de8).
+I was particularly interested in EIP address blocks. I figured they're something
+AWS cannot easily mess with because that involves "evicting" all the EIP holders
+before releasing or repurposing the block.
+
+This tool is hosted on [my github.io
+site](https://ashegoulding.github.io/aws-ipblocks-csv). Bon appetit!
+
+## Links
+https://docs.aws.amazon.com/vpc/latest/userguide/aws-ip-ranges.html
+https://aws.amazon.com/blogs/aws/aws-ip-ranges-json/
+https://aws.amazon.com/blogs/developer/querying-the-public-ip-address-ranges-for-aws/
diff --git a/aws-ipblocks-csv/index.html b/aws-ipblocks-csv/index.html
new file mode 100644
index 0000000..ee81518
--- /dev/null
+++ b/aws-ipblocks-csv/index.html
@@ -0,0 +1,115 @@
+<!DOCTYPE html>
+<html lang="en">
+<!--
+	Copyright (c) 2022 David Timber <dxdt@dev.snart.me>
+
+	Permission is hereby granted, free of charge, to any person obtaining a copy
+	of this software and associated documentation files (the "Software"), to deal
+	in the Software without restriction, including without limitation the rights
+	to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+	copies of the Software, and to permit persons to whom the Software is
+	furnished to do so, subject to the following conditions:
+
+	The above copyright notice and this permission notice shall be included in all
+	copies or substantial portions of the Software.
+
+	THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+	IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+	FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+	AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+	LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+	OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+	SOFTWARE.
+-->
+<head>
+	<meta charset="utf-8">
+	<title>AWS Public IP Address Ranges in CSV</title>
+
+	<script src="index.js"></script>
+
+	<style>
+		.working-animated {
+			animation-name: blink;
+			animation-duration: 0.5s;
+			animation-iteration-count: infinite;
+			animation-play-state: running;
+			animation-timing-function: steps(2, start);
+		}
+
+		.hidden {
+			visibility: hidden;
+		}
+
+		.error {
+			color: red;
+			font-weight: bold;
+		}
+
+		@keyframes blink {
+			to {
+				visibility: hidden;
+			}
+		}
+		.foot {
+			text-align: right;
+		}
+	</style>
+</head>
+<body onload="do_load()">
+	<h1>AWS Public IP Address Ranges in CSV</h1>
+	<p>
+		This tool pulls <a
+		href="https://ip-ranges.amazonaws.com/ip-ranges.json">the JSON data</a>
+		from the AWS and convert it to CSV, along with other calculated data
+		such as the size of each address block. The file can be imported to a
+		spreadsheet software of your choice to extract the desired data using
+		filters.
+	</p>
+
+	<section>
+	<h2>Tool Options</h2>
+	<form name="form" method="dialog" onsubmit="do_submit()">
+		<p>
+			<input type="checkbox" name="ipv4" checked>
+			<label for="ipv4">Pull IPv4 blocks</label>
+		</p>
+		<p>
+			<input type="checkbox" name="ipv6">
+			<label for="ipv6">Pull IPv6 blocks</label>
+		</p>
+		<p>
+			<button type="submit" name="submit">Go!</button>
+			<label for="submit">&lt;- Requires a fair bit of memory!</label>
+		</p>
+	</form>
+	<p>
+		<span id="working-indicator" class="hidden"></span>
+		<a id="save-link" target="_blank" href="" class="hidden">Save CSV file</a>
+	</p>
+	</section>
+
+	<h2>Format</h2>
+<pre>
+IPV  REGION          NETGRP          SERVICE  NET               CIDR  SIZE
+4    af-south-1      af-south-1      AMAZON   3.2.34.0          26    64
+4    ap-northeast-2  ap-northeast-2  AMAZON   3.5.140.0         22    1024
+4    ap-southeast-4  ap-southeast-4  AMAZON   13.34.37.64       27    32
+4    il-central-1    il-central-1    AMAZON   13.34.65.64       27    32
+4    us-east-1       us-east-1       AMAZON   13.34.66.0        27    32
+4    ca-central-1    ca-central-1    AMAZON   13.34.78.160      27    32
+4    us-west-2       us-west-2       AMAZON   13.34.103.96      27    32
+</pre>
+	<h3>Where ...</h3>
+	<ul>
+		<li><b>IPV</b> is either 4 or 6</li>
+		<li><b>SIZE</b> is the number of addresses in the block</li>
+	</ul>
+	<p>For IPv6 addresses, the CIDR length can be enormous. The tool handles
+	them using <code>BigInt</code>, but your spreadsheet software can struggle
+	to handle it. It will most likely show the numbers in scientific
+	representation.</p>
+	<p class="foot">
+		<small>by David Timber &lt;dxdt@dev.snart.me&gt; (c) 2023</small>
+	</p>
+</body>
+</html>
diff --git a/aws-ipblocks-csv/index.js b/aws-ipblocks-csv/index.js
new file mode 100644
index 0000000..48f150a
--- /dev/null
+++ b/aws-ipblocks-csv/index.js
@@ -0,0 +1,101 @@
+/*
+ * Copyright (c) 2019-2022 David Timber <dxdt@dev.snart.me>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+var worker;
+var ui = {
+	f: {}
+};
+var url;
+
+function onerror (e) {
+	console.log(e);
+
+	ui.working.innerHTML = e.toString();
+	ui.working.className = "error";
+}
+
+function onmessage (evt) {
+	let blob, url, dlname = [];
+
+	ui.f.submit.disabled = false;
+
+	if (evt.data.error) {
+		onerror(evt.data.error);
+		return;
+	}
+
+	dlname.push("aws-ip_");
+	dlname.push(evt.data.meta["createDate"]);
+	dlname.push("_");
+	dlname.push(evt.data.meta["syncToken"]);
+	dlname.push(".csv");
+
+	if (url) {
+		URL.revokeObjectURL(url);
+	}
+
+	blob = new Blob([ evt.data.payload ], { type: "text/csv" });
+	url = URL.createObjectURL(blob);
+
+	ui.working.className = "";
+	ui.working.innerHTML = "Done!";
+
+	ui.savelink.className = "";
+	ui.savelink.href = url;
+	ui.savelink.download = dlname.join("");
+}
+
+function do_load () {
+	ui.working = document.getElementById("working-indicator");
+	ui.f.ipv4 = document.form.ipv4;
+	ui.f.ipv6 = document.form.ipv6;
+	ui.f.submit = document.form.submit;
+	ui.savelink = document.getElementById("save-link");
+
+	worker = new Worker("worker.js", { type: "module" });
+	worker.onmessage = onmessage;
+}
+
+function do_submit () {
+	try {
+		if (!(ui.f.ipv4.checked || ui.f.ipv6.checked)) {
+			throw "Not pulling anything? (both v4 and v6 unchecked)";
+		}
+
+		worker.postMessage({
+			task_id: "null",
+			opt: {
+				"ipv4": ui.f.ipv4.checked,
+				"ipv6": ui.f.ipv6.checked
+			}
+		});
+
+		ui.f.submit.disabled = true;
+		ui.working.className = "working-animated";
+		ui.working.innerHTML = "Working ...";
+	}
+	catch (e) {
+		onerror(e);
+	}
+
+	return false;
+}
diff --git a/aws-ipblocks-csv/package-lock.json b/aws-ipblocks-csv/package-lock.json
new file mode 100644
index 0000000..398c0d5
--- /dev/null
+++ b/aws-ipblocks-csv/package-lock.json
@@ -0,0 +1,21 @@
+{
+  "name": "aws-ipblocks-csv",
+  "version": "0.0.0",
+  "lockfileVersion": 3,
+  "requires": true,
+  "packages": {
+    "": {
+      "name": "aws-ipblocks-csv",
+      "version": "0.0.0",
+      "license": "Apache-2.0",
+      "dependencies": {
+        "csv-stringify": "^6.4.4"
+      }
+    },
+    "node_modules/csv-stringify": {
+      "version": "6.4.4",
+      "resolved": "https://registry.npmjs.org/csv-stringify/-/csv-stringify-6.4.4.tgz",
+      "integrity": "sha512-NDshLupGa7gp4UG4sSNIqwYJqgSwvds0SvENntxoVoVvTzXcrHvd5gG2MWpbRpSNvk59dlmIe1IwNvSxN4IVmg=="
+    }
+  }
+}
diff --git a/aws-ipblocks-csv/package.json b/aws-ipblocks-csv/package.json
new file mode 100644
index 0000000..87e11b9
--- /dev/null
+++ b/aws-ipblocks-csv/package.json
@@ -0,0 +1,14 @@
+{
+  "name": "aws-ipblocks-csv",
+  "version": "0.0.0",
+  "description": "",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "author": "David Timber <david@snart.me>",
+  "license": "Apache-2.0",
+  "dependencies": {
+    "csv-stringify": "^6.4.4"
+  }
+}
diff --git a/aws-ipblocks-csv/worker.js b/aws-ipblocks-csv/worker.js
new file mode 100644
index 0000000..9d034d3
--- /dev/null
+++ b/aws-ipblocks-csv/worker.js
@@ -0,0 +1,143 @@
+/*
+ * Copyright (c) 2019-2022 David Timber <dxdt@dev.snart.me>
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+import { stringify } from "./node_modules/csv-stringify/dist/esm/index.js";
+
+function onerror (e, ctx) {
+	postMessage({
+		"task_id": ctx.task_id,
+		"error": e
+	});
+}
+
+function mkstringifier (ctx) {
+	const ret = stringify();
+	const csvdata = [];
+
+	ret.on('readable', function () {
+		let row;
+
+		while ((row = ret.read()) !== null) {
+			csvdata.push(row);
+		}
+	});
+
+	ret.on('finish', function () {
+		postMessage({
+			"task_id": ctx.task_id,
+			"meta": ctx.meta,
+			"payload": csvdata.join(""),
+		});
+	});
+
+	return ret;
+}
+
+function procMeta (ctx, data) {
+	ctx.meta = {
+		"syncToken": data["syncToken"],
+		"createDate": data["createDate"]
+	}
+}
+
+const HEADER = [
+	"IPV",
+	"REGION",
+	"NETGRP",
+	"SERVICE",
+	"NET",
+	"CIDR",
+	"SIZE"
+]
+
+function procPrefixes (ctx, data, opt, ipv, prefix_key, cidr_len_f) {
+	let i, o, p, sep, net, cidr;
+
+	for (i in data) {
+		o = data[i];
+		p = o[prefix_key];
+		sep = p.search("/");
+		net = p.substring(0, sep);
+		cidr = parseInt(p.substring(sep + 1));
+
+		ctx.csv.write([
+			ipv,
+			o["region"],
+			o["network_border_group"],
+			o["service"],
+			net,
+			cidr,
+			cidr_len_f(cidr)
+		]);
+	}
+}
+
+function calcCidrLen (whole, cidr) {
+	return BigInt(1) << BigInt(whole - cidr);
+}
+
+
+self.onmessage = async function (evt) {
+	const ctx = {
+		task_id: evt.data.task_id
+	};
+	const opt = evt.data.opt ? evt.data.opt : {
+		"ipv4": true,
+		"ipv6": true
+	};
+
+	try {
+		ctx.csv = mkstringifier(ctx);
+
+		const r = await fetch('https://ip-ranges.amazonaws.com/ip-ranges.json');
+		const json = await r.json()
+
+		procMeta(ctx, json);
+
+		ctx.csv.write(HEADER); // emit header
+
+		if (opt["ipv4"]) {
+			procPrefixes(
+				ctx,
+				json["prefixes"],
+				opt,
+				4,
+				"ip_prefix",
+				(cidr) => { return calcCidrLen(32, cidr) });
+		}
+
+		if (opt["ipv6"]) {
+			procPrefixes(
+				ctx,
+				json["ipv6_prefixes"],
+				opt,
+				6,
+				"ipv6_prefix",
+				(cidr) => { return calcCidrLen(128, cidr) });
+		}
+
+		ctx.csv.end(); // The CSV string will be posted in the event handler
+	}
+	catch (e) {
+		onerror(e, ctx);
+	}
+};