李白 (@dhb) 在 nftables添加cfip规则只允许cloudflare访问中发帖拉取cf ip写入到配置文件, 不存在/etc/nftables.d先手动mkdir创建一下 #!/usr/bin/env shset -euDIR="/etc/nftables.d"OUT4="${DIR}/cf-set-v4.nft"OUT6="${DIR}/cf-set-v6.nft"mkdir -p "$DIR"tmp4="$(mktemp)"tmp6="$(mktemp)"# v4 set block{ echo "set cf_ipv4 {" echo " type ipv4_addr;" echo " flags interval;" echo " elements = {" curl -fsSL

李白 (@dhb) 在 nftables添加cfip规则只允许cloudflare访问中发帖

拉取cf ip写入到配置文件, 不存在/etc/nftables.d先手动mkdir创建一下 
#!/usr/bin/env sh
set -eu

DIR="/etc/nftables.d"
OUT4="${DIR}/cf-set-v4.nft"
OUT6="${DIR}/cf-set-v6.nft"

mkdir -p "$DIR"

tmp4="$(mktemp)"
tmp6="$(mktemp)"

# v4 set block
{
  echo "set cf_ipv4 {"
  echo "        type ipv4_addr;"
  echo "        flags interval;"
  echo "        elements = {"
  curl -fsSL https://www.cloudflare.com/ips-v4 \
    | awk...