Lu5ck · April 24, 2025 08:36
diff --git a/pbr.user.azure b/pbr.user.azure
 #!/bin/sh
 # shellcheck disable=SC2015,SC3003,SC3060
 AZURE_URL="https://www.microsoft.com/en-us/download/details.aspx?id=56519"
 AZURE_JSON_FILE="/var/tmp/pbr_azure_ip_ranges.gz"
 AZURE_REGIONS="southeastasia southindia"
 AZURE_ADD_EMPTY_REGION="n"
 TARGET_TABLE="inet fw4"
 TARGET_INTERFACE="wan"

 AZURE_IPv4="/var/tmp/pbr_azure_ipv4.txt"
 AZURE_IPv6="/var/tmp/pbr_azure_ipv6.txt"

 cleanup()
 {
  rm -f "$AZURE_JSON_FILE"
  rm -f "$AZURE_IPv4"
  rm -f "$AZURE_IPv6"
 }

 trap cleanup 1 2 3 6
 mkdir -p "${AZURE_JSON_FILE%/*}"
 cleanup

 # Get the page content
 AZURE_PAGE_CONTENT=$(uclient-fetch --no-check-certificate -qO- "$AZURE_URL")
 if [ $? -ne 0 ]; then
  return 1
 fi

 # Extract the JSON URL using grep + sed
 AZURE_JSON_URL=$(echo "$AZURE_PAGE_CONTENT" | grep -o '"https:[^"]*\.json"' | sed 's/"//g' | head -n1)
 if [ -z "$AZURE_JSON_URL" ]; then
  return 1
 fi

 unset AZURE_PAGE_CONTENT

 uclient-fetch --no-check-certificate -qO- "$AZURE_JSON_URL" | gzip > "$AZURE_JSON_FILE"
 [ -s "$AZURE_JSON_FILE" ] || return 1

 unset AZURE_JSON_URL

 for AZURE_REGION in $AZURE_REGIONS; do
  AZURE_IPs=$(zcat $AZURE_JSON_FILE | jsonfilter -e "@.values[@.properties.region='$AZURE_REGION'].properties.addressPrefixes[*]")
  AZURE_IPs=$(echo "$AZURE_IPs" | xargs)
  for AZURE_IP in $AZURE_IPs; do
    case "$AZURE_IP" in
      *:*) echo $AZURE_IP >> $AZURE_IPv6 ;;
      *) echo $AZURE_IP >> $AZURE_IPv4 ;;
    esac
  done
 done

 if [ "$AZURE_ADD_EMPTY_REGION" = "y" ]; then
  AZURE_IPs=$(zcat $AZURE_JSON_FILE | jsonfilter -e "@.values[@.properties.region=''].properties.addressPrefixes[*]")
  AZURE_IPs=$(echo "$AZURE_IPs" | xargs)
  for AZURE_IP in $AZURE_IPs; do
    case "$AZURE_IP" in
      *:*) echo $AZURE_IP >> $AZURE_IPv6 ;;
      *) echo $AZURE_IP >> $AZURE_IPv4 ;;
    esac
  done
 fi

 unset AZURE_IPs
 unset AZURE_IP

 if [ "$(uci get pbr.config.ipv6_enabled)" = "1" ] && [ -s "$AZURE_IPv6" ]; then
  AZURE_IPv6_LIST=$(awk 'NF { printf "%s%s", sep, $0; sep=", " }' "$AZURE_IPv6")
  AZURE_NFTSET="pbr_${TARGET_INTERFACE}_6_dst_ip_user"
  nft "add element $TARGET_TABLE $AZURE_NFTSET { ${AZURE_IPv6_LIST//$'\n'/, } }" || return 1
  unset AZURE_IPv6_LIST
 fi

 if [ -s "$AZURE_IPv4" ]; then
  AZURE_IPv4_LIST=$(awk 'NF { printf "%s%s", sep, $0; sep=", " }' "$AZURE_IPv4")
  AZURE_NFTSET="pbr_${TARGET_INTERFACE}_4_dst_ip_user"
  nft "add element $TARGET_TABLE $AZURE_NFTSET { ${AZURE_IPv4_LIST//$'\n'/, } }" || return 1
  unset AZURE_IPv4_LIST
 fi

 unset AZURE_NFTSET

 cleanup
 return 0
	#!/bin/sh
	# shellcheck disable=SC2015,SC3003,SC3060
	AZURE_URL="https://www.microsoft.com/en-us/download/details.aspx?id=56519"
	AZURE_JSON_FILE="/var/tmp/pbr_azure_ip_ranges.gz"
	AZURE_REGIONS="southeastasia southindia"
	AZURE_ADD_EMPTY_REGION="n"
	TARGET_TABLE="inet fw4"
	TARGET_INTERFACE="wan"

	AZURE_IPv4="/var/tmp/pbr_azure_ipv4.txt"
	AZURE_IPv6="/var/tmp/pbr_azure_ipv6.txt"

	cleanup()
	{
	rm -f "$AZURE_JSON_FILE"
	rm -f "$AZURE_IPv4"
	rm -f "$AZURE_IPv6"
	}

	trap cleanup 1 2 3 6
	mkdir -p "${AZURE_JSON_FILE%/*}"
	cleanup

	# Get the page content
	AZURE_PAGE_CONTENT=$(uclient-fetch --no-check-certificate -qO- "$AZURE_URL")
	if [ $? -ne 0 ]; then
	return 1
	fi

	# Extract the JSON URL using grep + sed
	AZURE_JSON_URL=$(echo "$AZURE_PAGE_CONTENT" \| grep -o '"https:[^"]*\.json"' \| sed 's/"//g' \| head -n1)
	if [ -z "$AZURE_JSON_URL" ]; then
	return 1
	fi

	unset AZURE_PAGE_CONTENT

	uclient-fetch --no-check-certificate -qO- "$AZURE_JSON_URL" \| gzip > "$AZURE_JSON_FILE"
	[ -s "$AZURE_JSON_FILE" ] \|\| return 1

	unset AZURE_JSON_URL

	for AZURE_REGION in $AZURE_REGIONS; do
	AZURE_IPs=$(zcat $AZURE_JSON_FILE \| jsonfilter -e "@.values[@.properties.region='$AZURE_REGION'].properties.addressPrefixes[*]")
	AZURE_IPs=$(echo "$AZURE_IPs" \| xargs)
	for AZURE_IP in $AZURE_IPs; do
	case "$AZURE_IP" in
	:) echo $AZURE_IP >> $AZURE_IPv6 ;;
	*) echo $AZURE_IP >> $AZURE_IPv4 ;;
	esac
	done
	done

	if [ "$AZURE_ADD_EMPTY_REGION" = "y" ]; then
	AZURE_IPs=$(zcat $AZURE_JSON_FILE \| jsonfilter -e "@.values[@.properties.region=''].properties.addressPrefixes[*]")
	AZURE_IPs=$(echo "$AZURE_IPs" \| xargs)
	for AZURE_IP in $AZURE_IPs; do
	case "$AZURE_IP" in
	:) echo $AZURE_IP >> $AZURE_IPv6 ;;
	*) echo $AZURE_IP >> $AZURE_IPv4 ;;
	esac
	done
	fi

	unset AZURE_IPs
	unset AZURE_IP

	if [ "$(uci get pbr.config.ipv6_enabled)" = "1" ] && [ -s "$AZURE_IPv6" ]; then
	AZURE_IPv6_LIST=$(awk 'NF { printf "%s%s", sep, $0; sep=", " }' "$AZURE_IPv6")
	AZURE_NFTSET="pbr_${TARGET_INTERFACE}_6_dst_ip_user"
	nft "add element $TARGET_TABLE $AZURE_NFTSET { ${AZURE_IPv6_LIST//$'\n'/, } }" \|\| return 1
	unset AZURE_IPv6_LIST
	fi

	if [ -s "$AZURE_IPv4" ]; then
	AZURE_IPv4_LIST=$(awk 'NF { printf "%s%s", sep, $0; sep=", " }' "$AZURE_IPv4")
	AZURE_NFTSET="pbr_${TARGET_INTERFACE}_4_dst_ip_user"
	nft "add element $TARGET_TABLE $AZURE_NFTSET { ${AZURE_IPv4_LIST//$'\n'/, } }" \|\| return 1
	unset AZURE_IPv4_LIST
	fi

	unset AZURE_NFTSET

	cleanup
	return 0