A CLI tool for fetching and managing CIDR IP ranges from RIRs with firewall integration.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for vulnebify from gravatar.com vulnebify

Unverified details

These details have not been verified by PyPI
Project links
Meta
Classifiers
Report project as malware

Project description

CIDRE

CIDRe is a CLI tool that fetches daily updated IP allocations from Regional Internet Registries (RIRs), compiles them into country-based CIDR files, and allows easy firewall management. Daily automatic CIDR updates in the repository.

Compile CIDRs Publish Release to PyPI

asciicast

Quick start

Install CIDRE

pip install cidre-cli

Pull & merge CIDR ranges

cidre cidr pull --merge
  • Downloads the latest CIDR allocations from RIRs.
  • Merges overlapping IP ranges for efficiency.

Block specific countries

# UFW is better suited for small CIDR inputs
cidre firewall deny ir kp --firewall ufw
  • Blocks Iran (IR), and North Korea (KP) in UFW.
  • Requires ufw installed (sudo apt install ufw).
# iptables is better suited for large CIDR inputs
cidre firewall deny ru ir kp --firewall iptables
  • Blocks Russia (RU), Iran (IR), and North Korea (KP) in iptables using ipset.
  • Requires ipset and iptables installed (sudo apt install ipset iptables).

Installation

From PyPI

pip install cidre-cli

From Release

Download the latest precompiled binary from the Releases page:

chmod +x cidre && ./cidre

From Sources

git clone https://github.com/vulnebify/cidre.git && cd cidre && python3 -m venv .venv && source .venv/bin/activate && pip install .

Commands

cidr pull

Command Description
cidre cidr pull Fetches the latest IP allocation data from all RIRs
cidre cidr pull --merge Merges overlapping IP ranges for efficiency. Optional.
cidre cidr pull --proxy PROXY Proxies connection to RIRs. Optional.
cidre cidr pull --cidr-store PATH Specifies CIDRs' custom storage directory. Default: ./output/cidr

cidr count

Command Description
cidre cidr count Counts amount of IPs per country
cidre cidr count US CN Counts amount of IPs by country code (ISO 3166-1 alpha-2 code)
cidre cidr count --cidr-store PATH Specifies CIDRs' custom storage directory. Default: ./output/cidr

firewall allow|deny|reject

Command Description
cidre firewall allow Apply allow rule to specified firewall
cidre firewall deny Apply deny rule to specified firewall
cidre firewall reject Apply reject rule to specified firewall
cidre firewall reject --firewall ufw Firewall to apply rules. Options: ufw, iptables. Default: ufw
cidre firewall reject --cidr-store PATH Specifies CIDRs' custom storage directory. Default: ./output/cidr

⚠️ NOTE: iptables firewall DO NOT persist rules by default

To ensure iptables and IPSet rules persist after a reboot, follow these steps:

# Save rules based on the firewall method:
# - For iptables + IPSet:
sudo ipset save > /etc/ipset.rules
sudo iptables-save > /etc/iptables/rules.v4
sudo ip6tables-save > /etc/iptables/rules.v6

# Restore firewall rules on boot:
# - For iptables + IPSet:
sudo bash -c 'echo "ipset restore < /etc/ipset.rules" >> /etc/rc.local'
sudo chmod +x /etc/rc.local

# Reboot and verify:
sudo reboot
sudo ipset list
sudo iptables -L -v -n

License

This project is licensed under the MIT License.

Inspired by

CIDRE was inspired by herrbischoff/country-ip-blocks and aims to provide an automated alternative with firewall integration.

Contributions

PRs are welcome! Feel free to fork the repo and submit pull requests.

Contact

For any questions, open an issue or reach out via GitHub Discussions.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for vulnebify from gravatar.com vulnebify

Unverified details

These details have not been verified by PyPI
Project links
Meta
Classifiers

Release history Release notifications | RSS feed

This version

2.1.3

2.1.2

2.1.1

2.0.0

1.1.6

1.1.5

1.1.4

1.1.3

1.1.2

1.1.1

1.1.0

1.0.6

1.0.5

1.0.4

1.0.3

1.0.2

1.0.1

1.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

cidre_cli-2.1.3.tar.gz (10.9 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

cidre_cli-2.1.3-py3-none-any.whl (12.0 kB view details)

Uploaded Python 3

File details

Details for the file cidre_cli-2.1.3.tar.gz.

File metadata

  • Download URL: cidre_cli-2.1.3.tar.gz
  • Upload date:
  • Size: 10.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.10.18

File hashes

Hashes for cidre_cli-2.1.3.tar.gz
Algorithm Hash digest
SHA256 9bc577905c61869d20fef83d2312d2277244a52c41f11d164fad0f3e1e1426f4
MD5 ca97dd0e8fd234a137fd5b7cad000fe0
BLAKE2b-256 def6c1957c60315530f80dc73a56049ae9c430722d5a39e24ce61e65edd72448

See more details on using hashes here.

File details

Details for the file cidre_cli-2.1.3-py3-none-any.whl.

File metadata

  • Download URL: cidre_cli-2.1.3-py3-none-any.whl
  • Upload date:
  • Size: 12.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.10.18

File hashes

Hashes for cidre_cli-2.1.3-py3-none-any.whl
Algorithm Hash digest
SHA256 7b4ad0be4df8b5f1636ce35020296f47470d3d09920bfc51580c1a6a9ef519cc
MD5 4618b6c1f48a78084df537a42ba786f4
BLAKE2b-256 ea4e94d676ce9af0d5856f3f612378f0cbb09138d5f7a336a297113d1da4017f

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page