├── .gitignore ├── Makefile ├── README.md ├── ipv4-address-space.csv └── produce.py /.gitignore: -------------------------------------------------------------------------------- 1 | .vscode 2 | routes4.conf 3 | routes6.conf 4 | delegated-apnic-latest 5 | china_ip_list.txt 6 | ipv4-address-space.csv 7 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | produce: 2 | git pull 3 | curl -o delegated-apnic-latest https://ftp.apnic.net/stats/apnic/delegated-apnic-latest 4 | curl -o china_ip_list.txt https://raw.githubusercontent.com/17mon/china_ip_list/master/china_ip_list.txt 5 | python3 produce.py 6 | # sudo mv routes4.conf /etc/bird/routes4.conf 7 | # sudo mv routes6.conf /etc/bird/routes6.conf 8 | # sudo birdc configure 9 | # sudo birdc6 configure 10 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # nchnroutes 2 | 3 | Similar to chnroutes, but instead generates routes that are not originating from Mainland 4 | China and generates result in BIRD static route format 5 | 6 | Both IPv4 and IPv6 are supported. 7 | 8 | As of Jul 2021, the size of generated table is roughly 11000-12000 entries for IPv4 (depends on the IP list used) and 14000 for 9 | IPv6. On a Raspberry Pi 4 with BIRD, full loading and convergence over OSPF with RouterOS running 10 | on Mikrotik hEX takes around 5 seconds. 11 | 12 | For practical usage, check out my blog post (available in Chinese only): 13 | https://idndx.com/use-routeros-ospf-and-raspberry-pi-to-create-split-routing-for-different-ip-ranges/ 14 | 15 | Requires Python 3, no additional dependencies. 16 | 17 | ``` 18 | $ python3 produce.py -h 19 | 20 | usage: produce.py [-h] [--exclude [CIDR [CIDR ...]]] [--next INTERFACE OR IP] 21 | [--ipv4-list [{apnic,ipip} [{apnic,ipip} ...]]] 22 | 23 | Generate non-China routes for BIRD. 24 | 25 | optional arguments: 26 | -h, --help show this help message and exit 27 | --exclude [CIDR [CIDR ...]] 28 | IPv4 ranges to exclude in CIDR format 29 | --next INTERFACE OR IP 30 | next hop for where non-China IP address, this is 31 | usually the tunnel interface 32 | --ipv4-list [{apnic,ipip} [{apnic,ipip} ...]] 33 | IPv4 lists to use when subtracting China based IP, 34 | multiple lists can be used at the same time (default: 35 | apnic ipip) 36 | ``` 37 | 38 | To specify China IPv4 list to use, use the `--ipv4-list` as the following: 39 | 40 | * `python3 produce.py --ipv4-list ipip` - only use list [from ipip.net](https://github.com/17mon/china_ip_list) 41 | * `python3 produce.py --ipv4-list apnic` - only use list [from APNIC](https://ftp.apnic.net/stats/apnic/delegated-apnic-latest) 42 | * `python3 produce.py --ipv4-list apnic ipip` - use both lists **(default)** 43 | 44 | If you want to run this automatically, you can first edit `Makefile` and uncomment the BIRD reload code 45 | at the end, then: 46 | 47 | ``` 48 | sudo crontab -e 49 | ``` 50 | 51 | and add `0 0 * * 0 make -C /path/to/nchnroutes` to the file. 52 | 53 | This will re generate the table every Sunday at midnight and reload BIRD afterwards. 54 | -------------------------------------------------------------------------------- /ipv4-address-space.csv: -------------------------------------------------------------------------------- 1 | Prefix,Designation,Date,WHOIS,RDAP,Status [1],Note 2 | 000/8,IANA - Local Identification,1981-09,,,RESERVED,[2][2bis] 3 | 001/8,APNIC,2010-01,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 4 | 002/8,RIPE NCC,2009-09,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 5 | 003/8,Administered by ARIN,1994-05,whois.arin.net,"https://rdap.arin.net/registry 6 | http://rdap.arin.net/registry",LEGACY, 7 | 004/8,Administered by ARIN,1992-12,whois.arin.net,"https://rdap.arin.net/registry 8 | http://rdap.arin.net/registry",LEGACY, 9 | 005/8,RIPE NCC,2010-11,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 10 | 006/8,Army Information Systems Center,1994-02,whois.arin.net,"https://rdap.arin.net/registry 11 | http://rdap.arin.net/registry",LEGACY, 12 | 007/8,Administered by ARIN,1995-04,whois.arin.net,"https://rdap.arin.net/registry 13 | http://rdap.arin.net/registry",LEGACY, 14 | 008/8,Administered by ARIN,1992-12,whois.arin.net,"https://rdap.arin.net/registry 15 | http://rdap.arin.net/registry",LEGACY, 16 | 009/8,Administered by ARIN,1992-08,whois.arin.net,"https://rdap.arin.net/registry 17 | http://rdap.arin.net/registry",LEGACY, 18 | 010/8,IANA - Private Use,1995-06,,,RESERVED,[3] 19 | 011/8,DoD Intel Information Systems,1993-05,whois.arin.net,"https://rdap.arin.net/registry 20 | http://rdap.arin.net/registry",LEGACY, 21 | 012/8,AT&T Bell Laboratories,1995-06,whois.arin.net,"https://rdap.arin.net/registry 22 | http://rdap.arin.net/registry",LEGACY, 23 | 013/8,Administered by ARIN,1991-09,whois.arin.net,"https://rdap.arin.net/registry 24 | http://rdap.arin.net/registry",LEGACY, 25 | 014/8,APNIC,2010-04,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED,[4] 26 | 015/8,Administered by ARIN,1994-07,whois.arin.net,"https://rdap.arin.net/registry 27 | http://rdap.arin.net/registry",LEGACY, 28 | 016/8,Administered by ARIN,1994-11,whois.arin.net,"https://rdap.arin.net/registry 29 | http://rdap.arin.net/registry",LEGACY, 30 | 017/8,Apple Computer Inc.,1992-07,whois.arin.net,"https://rdap.arin.net/registry 31 | http://rdap.arin.net/registry",LEGACY, 32 | 018/8,Administered by ARIN,1994-01,whois.arin.net,"https://rdap.arin.net/registry 33 | http://rdap.arin.net/registry",LEGACY, 34 | 019/8,Ford Motor Company,1995-05,whois.arin.net,"https://rdap.arin.net/registry 35 | http://rdap.arin.net/registry",LEGACY, 36 | 020/8,Administered by ARIN,1994-10,whois.arin.net,"https://rdap.arin.net/registry 37 | http://rdap.arin.net/registry",LEGACY, 38 | 021/8,DDN-RVN,1991-07,whois.arin.net,"https://rdap.arin.net/registry 39 | http://rdap.arin.net/registry",LEGACY, 40 | 022/8,Defense Information Systems Agency,1993-05,whois.arin.net,"https://rdap.arin.net/registry 41 | http://rdap.arin.net/registry",LEGACY, 42 | 023/8,ARIN,2010-11,whois.arin.net,"https://rdap.arin.net/registry 43 | http://rdap.arin.net/registry",ALLOCATED, 44 | 024/8,ARIN,2001-05,whois.arin.net,"https://rdap.arin.net/registry 45 | http://rdap.arin.net/registry",ALLOCATED, 46 | 025/8,Administered by RIPE NCC,1995-01,whois.ripe.net,https://rdap.db.ripe.net/,LEGACY, 47 | 026/8,Defense Information Systems Agency,1995-05,whois.arin.net,"https://rdap.arin.net/registry 48 | http://rdap.arin.net/registry",LEGACY, 49 | 027/8,APNIC,2010-01,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 50 | 028/8,DSI-North,1992-07,whois.arin.net,"https://rdap.arin.net/registry 51 | http://rdap.arin.net/registry",LEGACY, 52 | 029/8,Defense Information Systems Agency,1991-07,whois.arin.net,"https://rdap.arin.net/registry 53 | http://rdap.arin.net/registry",LEGACY, 54 | 030/8,Defense Information Systems Agency,1991-07,whois.arin.net,"https://rdap.arin.net/registry 55 | http://rdap.arin.net/registry",LEGACY, 56 | 031/8,RIPE NCC,2010-05,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 57 | 032/8,Administered by ARIN,1994-06,whois.arin.net,"https://rdap.arin.net/registry 58 | http://rdap.arin.net/registry",LEGACY, 59 | 033/8,DLA Systems Automation Center,1991-01,whois.arin.net,"https://rdap.arin.net/registry 60 | http://rdap.arin.net/registry",LEGACY, 61 | 034/8,Administered by ARIN,1993-03,whois.arin.net,"https://rdap.arin.net/registry 62 | http://rdap.arin.net/registry",LEGACY, 63 | 035/8,Administered by ARIN,1994-04,whois.arin.net,"https://rdap.arin.net/registry 64 | http://rdap.arin.net/registry",LEGACY, 65 | 036/8,APNIC,2010-10,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 66 | 037/8,RIPE NCC,2010-11,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 67 | 038/8,"PSINet, Inc.",1994-09,whois.arin.net,"https://rdap.arin.net/registry 68 | http://rdap.arin.net/registry",LEGACY, 69 | 039/8,APNIC,2011-01,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 70 | 040/8,Administered by ARIN,1994-06,whois.arin.net,"https://rdap.arin.net/registry 71 | http://rdap.arin.net/registry",LEGACY, 72 | 041/8,AFRINIC,2005-04,whois.afrinic.net,"https://rdap.afrinic.net/rdap/ 73 | http://rdap.afrinic.net/rdap/",ALLOCATED, 74 | 042/8,APNIC,2010-10,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 75 | 043/8,Administered by APNIC,1991-01,whois.apnic.net,https://rdap.apnic.net/,LEGACY, 76 | 044/8,Administered by ARIN,1992-07,whois.arin.net,"https://rdap.arin.net/registry 77 | http://rdap.arin.net/registry",LEGACY, 78 | 045/8,Administered by ARIN,1995-01,whois.arin.net,"https://rdap.arin.net/registry 79 | http://rdap.arin.net/registry",LEGACY, 80 | 046/8,RIPE NCC,2009-09,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 81 | 047/8,Administered by ARIN,1991-01,whois.arin.net,"https://rdap.arin.net/registry 82 | http://rdap.arin.net/registry",LEGACY, 83 | 048/8,Prudential Securities Inc.,1995-05,whois.arin.net,"https://rdap.arin.net/registry 84 | http://rdap.arin.net/registry",LEGACY, 85 | 049/8,APNIC,2010-08,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 86 | 050/8,ARIN,2010-02,whois.arin.net,"https://rdap.arin.net/registry 87 | http://rdap.arin.net/registry",ALLOCATED, 88 | 051/8,Administered by RIPE NCC,1994-08,whois.ripe.net,https://rdap.db.ripe.net/,LEGACY, 89 | 052/8,Administered by ARIN,1991-12,whois.arin.net,"https://rdap.arin.net/registry 90 | http://rdap.arin.net/registry",LEGACY, 91 | 053/8,Daimler AG,1993-10,whois.ripe.net,https://rdap.db.ripe.net/,LEGACY, 92 | 054/8,Administered by ARIN,1992-03,whois.arin.net,"https://rdap.arin.net/registry 93 | http://rdap.arin.net/registry",LEGACY, 94 | 055/8,DoD Network Information Center,1995-04,whois.arin.net,"https://rdap.arin.net/registry 95 | http://rdap.arin.net/registry",LEGACY, 96 | 056/8,US Postal Service,1994-06,whois.arin.net,"https://rdap.arin.net/registry 97 | http://rdap.arin.net/registry",LEGACY, 98 | 057/8,Administered by RIPE NCC,1995-05,whois.ripe.net,https://rdap.db.ripe.net/,LEGACY, 99 | 058/8,APNIC,2004-04,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 100 | 059/8,APNIC,2004-04,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 101 | 060/8,APNIC,2003-04,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 102 | 061/8,APNIC,1997-04,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 103 | 062/8,RIPE NCC,1997-04,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 104 | 063/8,ARIN,1997-04,whois.arin.net,"https://rdap.arin.net/registry 105 | http://rdap.arin.net/registry",ALLOCATED, 106 | 064/8,ARIN,1999-07,whois.arin.net,"https://rdap.arin.net/registry 107 | http://rdap.arin.net/registry",ALLOCATED, 108 | 065/8,ARIN,2000-07,whois.arin.net,"https://rdap.arin.net/registry 109 | http://rdap.arin.net/registry",ALLOCATED, 110 | 066/8,ARIN,2000-07,whois.arin.net,"https://rdap.arin.net/registry 111 | http://rdap.arin.net/registry",ALLOCATED, 112 | 067/8,ARIN,2001-05,whois.arin.net,"https://rdap.arin.net/registry 113 | http://rdap.arin.net/registry",ALLOCATED, 114 | 068/8,ARIN,2001-06,whois.arin.net,"https://rdap.arin.net/registry 115 | http://rdap.arin.net/registry",ALLOCATED, 116 | 069/8,ARIN,2002-08,whois.arin.net,"https://rdap.arin.net/registry 117 | http://rdap.arin.net/registry",ALLOCATED, 118 | 070/8,ARIN,2004-01,whois.arin.net,"https://rdap.arin.net/registry 119 | http://rdap.arin.net/registry",ALLOCATED, 120 | 071/8,ARIN,2004-08,whois.arin.net,"https://rdap.arin.net/registry 121 | http://rdap.arin.net/registry",ALLOCATED, 122 | 072/8,ARIN,2004-08,whois.arin.net,"https://rdap.arin.net/registry 123 | http://rdap.arin.net/registry",ALLOCATED, 124 | 073/8,ARIN,2005-03,whois.arin.net,"https://rdap.arin.net/registry 125 | http://rdap.arin.net/registry",ALLOCATED, 126 | 074/8,ARIN,2005-06,whois.arin.net,"https://rdap.arin.net/registry 127 | http://rdap.arin.net/registry",ALLOCATED, 128 | 075/8,ARIN,2005-06,whois.arin.net,"https://rdap.arin.net/registry 129 | http://rdap.arin.net/registry",ALLOCATED, 130 | 076/8,ARIN,2005-06,whois.arin.net,"https://rdap.arin.net/registry 131 | http://rdap.arin.net/registry",ALLOCATED, 132 | 077/8,RIPE NCC,2006-08,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 133 | 078/8,RIPE NCC,2006-08,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 134 | 079/8,RIPE NCC,2006-08,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 135 | 080/8,RIPE NCC,2001-04,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 136 | 081/8,RIPE NCC,2001-04,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 137 | 082/8,RIPE NCC,2002-11,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 138 | 083/8,RIPE NCC,2003-11,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 139 | 084/8,RIPE NCC,2003-11,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 140 | 085/8,RIPE NCC,2004-04,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 141 | 086/8,RIPE NCC,2004-04,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 142 | 087/8,RIPE NCC,2004-04,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 143 | 088/8,RIPE NCC,2004-04,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 144 | 089/8,RIPE NCC,2005-06,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 145 | 090/8,RIPE NCC,2005-06,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 146 | 091/8,RIPE NCC,2005-06,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 147 | 092/8,RIPE NCC,2007-03,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 148 | 093/8,RIPE NCC,2007-03,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 149 | 094/8,RIPE NCC,2007-07,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 150 | 095/8,RIPE NCC,2007-07,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 151 | 096/8,ARIN,2006-10,whois.arin.net,"https://rdap.arin.net/registry 152 | http://rdap.arin.net/registry",ALLOCATED, 153 | 097/8,ARIN,2006-10,whois.arin.net,"https://rdap.arin.net/registry 154 | http://rdap.arin.net/registry",ALLOCATED, 155 | 098/8,ARIN,2006-10,whois.arin.net,"https://rdap.arin.net/registry 156 | http://rdap.arin.net/registry",ALLOCATED, 157 | 099/8,ARIN,2006-10,whois.arin.net,"https://rdap.arin.net/registry 158 | http://rdap.arin.net/registry",ALLOCATED, 159 | 100/8,ARIN,2010-11,whois.arin.net,"https://rdap.arin.net/registry 160 | http://rdap.arin.net/registry",ALLOCATED,[5] 161 | 101/8,APNIC,2010-08,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 162 | 102/8,AFRINIC,2011-02,whois.afrinic.net,"https://rdap.afrinic.net/rdap/ 163 | http://rdap.afrinic.net/rdap/",ALLOCATED, 164 | 103/8,APNIC,2011-02,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 165 | 104/8,ARIN,2011-02,whois.arin.net,"https://rdap.arin.net/registry 166 | http://rdap.arin.net/registry",ALLOCATED, 167 | 105/8,AFRINIC,2010-11,whois.afrinic.net,"https://rdap.afrinic.net/rdap/ 168 | http://rdap.afrinic.net/rdap/",ALLOCATED, 169 | 106/8,APNIC,2011-01,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 170 | 107/8,ARIN,2010-02,whois.arin.net,"https://rdap.arin.net/registry 171 | http://rdap.arin.net/registry",ALLOCATED, 172 | 108/8,ARIN,2008-12,whois.arin.net,"https://rdap.arin.net/registry 173 | http://rdap.arin.net/registry",ALLOCATED, 174 | 109/8,RIPE NCC,2009-01,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 175 | 110/8,APNIC,2008-11,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 176 | 111/8,APNIC,2008-11,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 177 | 112/8,APNIC,2008-05,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 178 | 113/8,APNIC,2008-05,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 179 | 114/8,APNIC,2007-10,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 180 | 115/8,APNIC,2007-10,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 181 | 116/8,APNIC,2007-01,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 182 | 117/8,APNIC,2007-01,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 183 | 118/8,APNIC,2007-01,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 184 | 119/8,APNIC,2007-01,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 185 | 120/8,APNIC,2007-01,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 186 | 121/8,APNIC,2006-01,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 187 | 122/8,APNIC,2006-01,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 188 | 123/8,APNIC,2006-01,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 189 | 124/8,APNIC,2005-01,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 190 | 125/8,APNIC,2005-01,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 191 | 126/8,APNIC,2005-01,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 192 | 127/8,IANA - Loopback,1981-09,,,RESERVED,[6] 193 | 128/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 194 | http://rdap.arin.net/registry",LEGACY, 195 | 129/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 196 | http://rdap.arin.net/registry",LEGACY, 197 | 130/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 198 | http://rdap.arin.net/registry",LEGACY, 199 | 131/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 200 | http://rdap.arin.net/registry",LEGACY, 201 | 132/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 202 | http://rdap.arin.net/registry",LEGACY, 203 | 133/8,Administered by APNIC,1997-03,whois.apnic.net,https://rdap.apnic.net/,LEGACY, 204 | 134/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 205 | http://rdap.arin.net/registry",LEGACY, 206 | 135/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 207 | http://rdap.arin.net/registry",LEGACY, 208 | 136/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 209 | http://rdap.arin.net/registry",LEGACY, 210 | 137/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 211 | http://rdap.arin.net/registry",LEGACY, 212 | 138/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 213 | http://rdap.arin.net/registry",LEGACY, 214 | 139/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 215 | http://rdap.arin.net/registry",LEGACY, 216 | 140/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 217 | http://rdap.arin.net/registry",LEGACY, 218 | 141/8,Administered by RIPE NCC,1993-05,whois.ripe.net,https://rdap.db.ripe.net/,LEGACY, 219 | 142/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 220 | http://rdap.arin.net/registry",LEGACY, 221 | 143/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 222 | http://rdap.arin.net/registry",LEGACY, 223 | 144/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 224 | http://rdap.arin.net/registry",LEGACY, 225 | 145/8,Administered by RIPE NCC,1993-05,whois.ripe.net,https://rdap.db.ripe.net/,LEGACY, 226 | 146/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 227 | http://rdap.arin.net/registry",LEGACY, 228 | 147/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 229 | http://rdap.arin.net/registry",LEGACY, 230 | 148/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 231 | http://rdap.arin.net/registry",LEGACY, 232 | 149/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 233 | http://rdap.arin.net/registry",LEGACY, 234 | 150/8,Administered by APNIC,1993-05,whois.apnic.net,https://rdap.apnic.net/,LEGACY, 235 | 151/8,Administered by RIPE NCC,1993-05,whois.ripe.net,https://rdap.db.ripe.net/,LEGACY, 236 | 152/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 237 | http://rdap.arin.net/registry",LEGACY, 238 | 153/8,Administered by APNIC,1993-05,whois.apnic.net,https://rdap.apnic.net/,LEGACY, 239 | 154/8,Administered by AFRINIC,1993-05,whois.afrinic.net,"https://rdap.afrinic.net/rdap/ 240 | http://rdap.afrinic.net/rdap/",LEGACY, 241 | 155/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 242 | http://rdap.arin.net/registry",LEGACY, 243 | 156/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 244 | http://rdap.arin.net/registry",LEGACY, 245 | 157/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 246 | http://rdap.arin.net/registry",LEGACY, 247 | 158/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 248 | http://rdap.arin.net/registry",LEGACY, 249 | 159/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 250 | http://rdap.arin.net/registry",LEGACY, 251 | 160/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 252 | http://rdap.arin.net/registry",LEGACY, 253 | 161/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 254 | http://rdap.arin.net/registry",LEGACY, 255 | 162/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 256 | http://rdap.arin.net/registry",LEGACY, 257 | 163/8,Administered by APNIC,1993-05,whois.apnic.net,https://rdap.apnic.net/,LEGACY, 258 | 164/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 259 | http://rdap.arin.net/registry",LEGACY, 260 | 165/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 261 | http://rdap.arin.net/registry",LEGACY, 262 | 166/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 263 | http://rdap.arin.net/registry",LEGACY, 264 | 167/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 265 | http://rdap.arin.net/registry",LEGACY, 266 | 168/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 267 | http://rdap.arin.net/registry",LEGACY, 268 | 169/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 269 | http://rdap.arin.net/registry",LEGACY,[7] 270 | 170/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 271 | http://rdap.arin.net/registry",LEGACY, 272 | 171/8,Administered by APNIC,1993-05,whois.apnic.net,https://rdap.apnic.net/,LEGACY, 273 | 172/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 274 | http://rdap.arin.net/registry",LEGACY,[8] 275 | 173/8,ARIN,2008-02,whois.arin.net,"https://rdap.arin.net/registry 276 | http://rdap.arin.net/registry",ALLOCATED, 277 | 174/8,ARIN,2008-02,whois.arin.net,"https://rdap.arin.net/registry 278 | http://rdap.arin.net/registry",ALLOCATED, 279 | 175/8,APNIC,2009-08,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 280 | 176/8,RIPE NCC,2010-05,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 281 | 177/8,LACNIC,2010-06,whois.lacnic.net,https://rdap.lacnic.net/rdap/,ALLOCATED, 282 | 178/8,RIPE NCC,2009-01,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 283 | 179/8,LACNIC,2011-02,whois.lacnic.net,https://rdap.lacnic.net/rdap/,ALLOCATED, 284 | 180/8,APNIC,2009-04,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 285 | 181/8,LACNIC,2010-06,whois.lacnic.net,https://rdap.lacnic.net/rdap/,ALLOCATED, 286 | 182/8,APNIC,2009-08,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 287 | 183/8,APNIC,2009-04,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 288 | 184/8,ARIN,2008-12,whois.arin.net,"https://rdap.arin.net/registry 289 | http://rdap.arin.net/registry",ALLOCATED, 290 | 185/8,RIPE NCC,2011-02,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 291 | 186/8,LACNIC,2007-09,whois.lacnic.net,https://rdap.lacnic.net/rdap/,ALLOCATED, 292 | 187/8,LACNIC,2007-09,whois.lacnic.net,https://rdap.lacnic.net/rdap/,ALLOCATED, 293 | 188/8,Administered by RIPE NCC,1993-05,whois.ripe.net,https://rdap.db.ripe.net/,LEGACY, 294 | 189/8,LACNIC,1995-06,whois.lacnic.net,https://rdap.lacnic.net/rdap/,ALLOCATED, 295 | 190/8,LACNIC,1995-06,whois.lacnic.net,https://rdap.lacnic.net/rdap/,ALLOCATED, 296 | 191/8,Administered by LACNIC,1993-05,whois.lacnic.net,https://rdap.lacnic.net/rdap/,LEGACY, 297 | 192/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 298 | http://rdap.arin.net/registry",LEGACY,[9][10] 299 | 193/8,RIPE NCC,1993-05,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 300 | 194/8,RIPE NCC,1993-05,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 301 | 195/8,RIPE NCC,1993-05,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 302 | 196/8,Administered by AFRINIC,1993-05,whois.afrinic.net,"https://rdap.afrinic.net/rdap/ 303 | http://rdap.afrinic.net/rdap/",LEGACY, 304 | 197/8,AFRINIC,2008-10,whois.afrinic.net,"https://rdap.afrinic.net/rdap/ 305 | http://rdap.afrinic.net/rdap/",ALLOCATED, 306 | 198/8,Administered by ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 307 | http://rdap.arin.net/registry",LEGACY,[11] 308 | 199/8,ARIN,1993-05,whois.arin.net,"https://rdap.arin.net/registry 309 | http://rdap.arin.net/registry",ALLOCATED, 310 | 200/8,LACNIC,2002-11,whois.lacnic.net,https://rdap.lacnic.net/rdap/,ALLOCATED, 311 | 201/8,LACNIC,2003-04,whois.lacnic.net,https://rdap.lacnic.net/rdap/,ALLOCATED, 312 | 202/8,APNIC,1993-05,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 313 | 203/8,APNIC,1993-05,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED,[12] 314 | 204/8,ARIN,1994-03,whois.arin.net,"https://rdap.arin.net/registry 315 | http://rdap.arin.net/registry",ALLOCATED, 316 | 205/8,ARIN,1994-03,whois.arin.net,"https://rdap.arin.net/registry 317 | http://rdap.arin.net/registry",ALLOCATED, 318 | 206/8,ARIN,1995-04,whois.arin.net,"https://rdap.arin.net/registry 319 | http://rdap.arin.net/registry",ALLOCATED, 320 | 207/8,ARIN,1995-11,whois.arin.net,"https://rdap.arin.net/registry 321 | http://rdap.arin.net/registry",ALLOCATED, 322 | 208/8,ARIN,1996-04,whois.arin.net,"https://rdap.arin.net/registry 323 | http://rdap.arin.net/registry",ALLOCATED, 324 | 209/8,ARIN,1996-06,whois.arin.net,"https://rdap.arin.net/registry 325 | http://rdap.arin.net/registry",ALLOCATED, 326 | 210/8,APNIC,1996-06,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 327 | 211/8,APNIC,1996-06,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 328 | 212/8,RIPE NCC,1997-10,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 329 | 213/8,RIPE NCC,1993-10,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 330 | 214/8,US-DOD,1998-03,whois.arin.net,"https://rdap.arin.net/registry 331 | http://rdap.arin.net/registry",LEGACY, 332 | 215/8,US-DOD,1998-03,whois.arin.net,"https://rdap.arin.net/registry 333 | http://rdap.arin.net/registry",LEGACY, 334 | 216/8,ARIN,1998-04,whois.arin.net,"https://rdap.arin.net/registry 335 | http://rdap.arin.net/registry",ALLOCATED, 336 | 217/8,RIPE NCC,2000-06,whois.ripe.net,https://rdap.db.ripe.net/,ALLOCATED, 337 | 218/8,APNIC,2000-12,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 338 | 219/8,APNIC,2001-09,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 339 | 220/8,APNIC,2001-12,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 340 | 221/8,APNIC,2002-07,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 341 | 222/8,APNIC,2003-02,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 342 | 223/8,APNIC,2010-04,whois.apnic.net,https://rdap.apnic.net/,ALLOCATED, 343 | 224/8,Multicast,1981-09,,,RESERVED,[13] 344 | 225/8,Multicast,1981-09,,,RESERVED,[13] 345 | 226/8,Multicast,1981-09,,,RESERVED,[13] 346 | 227/8,Multicast,1981-09,,,RESERVED,[13] 347 | 228/8,Multicast,1981-09,,,RESERVED,[13] 348 | 229/8,Multicast,1981-09,,,RESERVED,[13] 349 | 230/8,Multicast,1981-09,,,RESERVED,[13] 350 | 231/8,Multicast,1981-09,,,RESERVED,[13] 351 | 232/8,Multicast,1981-09,,,RESERVED,[13] 352 | 233/8,Multicast,1981-09,,,RESERVED,[13] 353 | 234/8,Multicast,1981-09,,,RESERVED,[13][14] 354 | 235/8,Multicast,1981-09,,,RESERVED,[13] 355 | 236/8,Multicast,1981-09,,,RESERVED,[13] 356 | 237/8,Multicast,1981-09,,,RESERVED,[13] 357 | 238/8,Multicast,1981-09,,,RESERVED,[13] 358 | 239/8,Multicast,1981-09,,,RESERVED,[13][15] 359 | 240/8,Future use,1981-09,,,RESERVED,[16] 360 | 241/8,Future use,1981-09,,,RESERVED,[16] 361 | 242/8,Future use,1981-09,,,RESERVED,[16] 362 | 243/8,Future use,1981-09,,,RESERVED,[16] 363 | 244/8,Future use,1981-09,,,RESERVED,[16] 364 | 245/8,Future use,1981-09,,,RESERVED,[16] 365 | 246/8,Future use,1981-09,,,RESERVED,[16] 366 | 247/8,Future use,1981-09,,,RESERVED,[16] 367 | 248/8,Future use,1981-09,,,RESERVED,[16] 368 | 249/8,Future use,1981-09,,,RESERVED,[16] 369 | 250/8,Future use,1981-09,,,RESERVED,[16] 370 | 251/8,Future use,1981-09,,,RESERVED,[16] 371 | 252/8,Future use,1981-09,,,RESERVED,[16] 372 | 253/8,Future use,1981-09,,,RESERVED,[16] 373 | 254/8,Future use,1981-09,,,RESERVED,[16] 374 | 255/8,Future use,1981-09,,,RESERVED,[16][17] 375 | -------------------------------------------------------------------------------- /produce.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | import argparse 3 | import csv 4 | from ipaddress import IPv4Network, IPv6Network 5 | import math 6 | 7 | parser = argparse.ArgumentParser(description='Generate non-China routes for BIRD.') 8 | parser.add_argument('--exclude', metavar='CIDR', type=str, nargs='*', 9 | help='IPv4 ranges to exclude in CIDR format') 10 | parser.add_argument('--next', default="wg0", metavar = "INTERFACE OR IP", 11 | help='next hop for where non-China IP address, this is usually the tunnel interface') 12 | parser.add_argument('--ipv4-list', choices=['apnic', 'ipip'], default=['apnic', 'ipip'], nargs='*', 13 | help='IPv4 lists to use when subtracting China based IP, multiple lists can be used at the same time (default: apnic ipip)') 14 | 15 | args = parser.parse_args() 16 | 17 | class Node: 18 | def __init__(self, cidr, parent=None): 19 | self.cidr = cidr 20 | self.child = [] 21 | self.dead = False 22 | self.parent = parent 23 | 24 | def __repr__(self): 25 | return "" % self.cidr 26 | 27 | def dump_tree(lst, ident=0): 28 | for n in lst: 29 | print("+" * ident + str(n)) 30 | dump_tree(n.child, ident + 1) 31 | 32 | def dump_bird(lst, f): 33 | for n in lst: 34 | if n.dead: 35 | continue 36 | 37 | if len(n.child) > 0: 38 | dump_bird(n.child, f) 39 | 40 | elif not n.dead: 41 | f.write('route %s via "%s";\n' % (n.cidr, args.next)) 42 | 43 | RESERVED = [ 44 | IPv4Network('0.0.0.0/8'), 45 | IPv4Network('10.0.0.0/8'), 46 | IPv4Network('127.0.0.0/8'), 47 | IPv4Network('169.254.0.0/16'), 48 | IPv4Network('172.16.0.0/12'), 49 | IPv4Network('192.0.0.0/29'), 50 | IPv4Network('192.0.0.170/31'), 51 | IPv4Network('192.0.2.0/24'), 52 | IPv4Network('192.168.0.0/16'), 53 | IPv4Network('198.18.0.0/15'), 54 | IPv4Network('198.51.100.0/24'), 55 | IPv4Network('203.0.113.0/24'), 56 | IPv4Network('240.0.0.0/4'), 57 | IPv4Network('255.255.255.255/32'), 58 | IPv4Network('169.254.0.0/16'), 59 | IPv4Network('127.0.0.0/8'), 60 | IPv4Network('224.0.0.0/4'), 61 | IPv4Network('100.64.0.0/10'), 62 | ] 63 | RESERVED_V6 = [] 64 | if args.exclude: 65 | for e in args.exclude: 66 | if ":" in e: 67 | RESERVED_V6.append(IPv6Network(e)) 68 | 69 | else: 70 | RESERVED.append(IPv4Network(e)) 71 | 72 | IPV6_UNICAST = IPv6Network('2000::/3') 73 | 74 | def subtract_cidr(sub_from, sub_by): 75 | for cidr_to_sub in sub_by: 76 | for n in sub_from: 77 | if n.cidr == cidr_to_sub: 78 | n.dead = True 79 | break 80 | 81 | if n.cidr.supernet_of(cidr_to_sub): 82 | if len(n.child) > 0: 83 | subtract_cidr(n.child, sub_by) 84 | 85 | else: 86 | n.child = [Node(b, n) for b in n.cidr.address_exclude(cidr_to_sub)] 87 | 88 | break 89 | 90 | root = [] 91 | root_v6 = [Node(IPV6_UNICAST)] 92 | 93 | with open("ipv4-address-space.csv", newline='') as f: 94 | f.readline() # skip the title 95 | 96 | reader = csv.reader(f, quoting=csv.QUOTE_MINIMAL) 97 | for cidr in reader: 98 | if cidr[5] == "ALLOCATED" or cidr[5] == "LEGACY": 99 | block = cidr[0] 100 | cidr = "%s.0.0.0%s" % (block[:3].lstrip("0"), block[-2:], ) 101 | root.append(Node(IPv4Network(cidr))) 102 | 103 | with open("delegated-apnic-latest") as f: 104 | for line in f: 105 | if 'apnic' in args.ipv4_list and "apnic|CN|ipv4|" in line: 106 | line = line.split("|") 107 | a = "%s/%d" % (line[3], 32 - math.log(int(line[4]), 2), ) 108 | a = IPv4Network(a) 109 | subtract_cidr(root, (a,)) 110 | 111 | elif "apnic|CN|ipv6|" in line: 112 | line = line.split("|") 113 | a = "%s/%s" % (line[3], line[4]) 114 | a = IPv6Network(a) 115 | subtract_cidr(root_v6, (a,)) 116 | 117 | if 'ipip' in args.ipv4_list: 118 | with open("china_ip_list.txt") as f: 119 | for line in f: 120 | line = line.strip('\n') 121 | a = IPv4Network(line) 122 | subtract_cidr(root, (a,)) 123 | 124 | # get rid of reserved addresses 125 | subtract_cidr(root, RESERVED) 126 | # get rid of reserved addresses 127 | subtract_cidr(root_v6, RESERVED_V6) 128 | 129 | with open("routes4.conf", "w") as f: 130 | dump_bird(root, f) 131 | 132 | with open("routes6.conf", "w") as f: 133 | dump_bird(root_v6, f) 134 | --------------------------------------------------------------------------------