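# Builds a WatchGuard geoblock exception list ("geoblock_exc_list") from the
# Microsoft 365 endpoints web service and writes it as JSON under C:\temp.
# The output feeds a firewall exception list, so each IP entry is checked
# against a strict pattern before it is emitted.

# A fresh GUID is sent as the clientrequestid parameter on every run.
$guid = New-Guid
$webdata = Invoke-RestMethod -Uri "https://endpoints.office.com/endpoints/worldwide?clientrequestid=$guid"

# Do not write a file when the service returned nothing: an empty or null list
# imported into the firewall would silently drop the existing exceptions.
if (-not $webdata) {
    throw "No endpoint data returned from endpoints.office.com; exception list not written."
}

<# webdata example
id                     : 65
serviceArea            : Common
serviceAreaDisplayName : Microsoft 365 Common and Office Online
urls                   : {account.office.net}
ips                    : {52.108.0.0/14, 2603:1006:1400::/40, 2603:1016:2400::/40, 2603:1026:2400::/40...}
tcpPorts               : 80,443
expressRoute           : True
category               : Allow
required               : True
#>

# Anchored IPv4 CIDR pattern: dotted quad followed by a prefix of /1 to /31.
# The earlier unanchored pattern tested the prefix length only, so an IPv6 range
# with a short prefix would have been accepted as well. This checks the shape of
# the string, not that each octet is <= 255.
# NOTE(review): /32 entries are still skipped, as before (3[01] stops at /31).
# Confirm whether host entries should be emitted separately for WatchGuard.
$ipv4Cidr = '^(\d{1,3}\.){3}\d{1,3}/([1-9]|[12][0-9]|3[01])$'

# Network entries: one object per IPv4 range, "type" 2.
$urlsWithIPs = $webdata | Where-Object ips -ne $null
$data = foreach ($entry in $urlsWithIPs) {
    foreach ($ip in $entry.ips) {
        if ($ip -match $ipv4Cidr) {
            [pscustomobject][ordered]@{
                "address"     = $ip
                "description" = "$($entry.serviceArea) for geoblock"
                "reason"      = 2
                "type"        = 2
            }
        }
    }
}

# URL entries: one object per URL, "type" 7.
$urls = $webdata | Where-Object urls -ne $null
$moreData = foreach ($url in $urls) {
    foreach ($URI in $url.urls) {
        [pscustomobject][ordered]@{
            "address"     = $URI
            # Fixed: this used $entry, the stale loop variable of the IP loop
            # above, so every URL carried the last IP entry's service area.
            "description" = "$($url.serviceArea) for geoblock"
            "reason"      = 2
            "type"        = 7
        }
    }
}

# @() keeps the concatenation valid when either side holds zero or one object.
$allData = @($data) + @($moreData)

# Out-File does not create the directory; C:\temp must already exist.
$date = Get-Date -Format MMddyy
[pscustomobject]@{ "geoblock_exc_list" = $allData } |
    ConvertTo-Json |
    Out-File "C:\temp\$($date)_o365ips.txt"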
got the regex from https://regextutorial.org/regex-for-numbers-and-ranges.php
Updated "type" to 2, because WatchGuard exceptions use 2 for networks rather than 1, which is a host IP.
Now it does URLs as well
Now it outputs the file with the geoblock_exc_list for the JSON so there's no manual manipulation
Now uses a new GUID for web requests per: https://docs.microsoft.com/en-us/microsoft-365/enterprise/microsoft-365-ip-web-service?view=o365-worldwide#common-parameters
Realizing now there is https://docs.microsoft.com/en-us/microsoft-365/enterprise/microsoft-365-ip-web-service?view=o365-worldwide#endpoints-web-method which indicates there is a NOIPV6=true parameter that could be used like:
$webdata = Invoke-RestMethod -Uri "https://endpoints.office.com/endpoints/worldwide?NOIPV6=true&clientrequestid=$guid"
Which would eliminate needing to filter for IPV4 afterwards
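update to filter for only IPV4 - if ($ip -match "/([1-9]|[12][0-9]|3[01])\b"). Note that this pattern tests only the prefix length (/1 to /31), not the address family, so it excludes IPv6 ranges only because their prefixes are longer than /31; /32 entries are skipped as well.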