Permalink
Cannot retrieve contributors at this time
Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.
Sign up
Fetching contributors…
Cannot retrieve contributors at this time
| # FQDN IP Set population tool | |
| # a: anthony burke | |
| # g: github.com/pandom/ | |
| # t: pandom_ | |
| # This should be run as a cronjob every X hours | |
| param( | |
| $domainname = "news.com.au" | |
| ) | |
| #Internal, non custom variables | |
| $FQDNIpSetName = "IPS-$domainname-v4" | |
| $FQDNIpSetName6 = "IPS-$domainname-v6" | |
| $existingIp = Get-NsxIpset -name $FQDNIpSetName | |
| $existingIp6 = Get-NsxIpset -name $FQDNIpSetName6 | |
| if (!$existingIp){ | |
| $existingIp = New-NsxIpSet -name "$FQDNIpSetName" | |
| } | |
| if (!$existingIp6){ | |
| $existingIp6 = New-NsxIpSet -name "$FQDNIpSetName6" | |
| } | |
| # Perform DNS lookup | |
| $updatedIp = [System.Net.Dns]::GetHostAddressesAsync($domainname) | |
| $ipv4only = $updatedip.Result | ? {$_.AddressFamily -eq "InterNetwork"} | |
| $ipv6only = $updatedip.Result | ? {$_.AddressFamily -eq "InterNetworkV6"} | |
| $updatedIps = $ipv4only.IpAddressToString | |
| $updatedIps6 = $ipv6only.IpAddressToString | |
| $Global:array = @() | |
| $Global:array += $updatedIps | |
| $Global:array6 = @() | |
| $Global:array6 += $updatedIps6 | |
| #Add New IPv4 Addresses from $updatedIPs | |
| if ($updatedIps.count -gt '0') { | |
| write-host "Attempting to add $($array.length) IPv4 address(es) to $FQDNIpSetName" | |
| $Global:FQDNIpSet = Get-NsxIpSet -name $FQDNIpSetName | Add-NsxIpSetMember -IPAddress $array | |
| } | |
| # #Add New IPv6 Addresses from $updatedIPs6 | |
| if ($updatedIps6.count -gt '0') { | |
| write-host "Attempting to add $($array6.length) IPv6 address(es) to $FQDNIpSetName6" | |
| $Global:FQDNIpSet6 = Get-NsxIpSet -name $FQDNIpSetName6 | Add-NsxIpSetMember -IPAddress $array6 | |
| } | |
| #Remove old IPv4 Addresses if new $updatedIPs are added | |
| write-host "Tidying IPv4 entries" | |
| if ($existingip.value -gt 0){ | |
| try { | |
| $splitEIp = $existingip.value.Split(",") | |
| $global:existingipArray = @() | |
| foreach ($eip in $splitEIp) { | |
| foreach ($ipv4 in $ipv4only) { | |
| if ($eip -ne $ipv4){ | |
| $global:existingipArray += $eip | |
| } | |
| } | |
| } | |
| $global:purgearray = $existingiparray | Select -Unique | |
| if ($purgearray.count -gt '0'){ | |
| #write-host "Attempting to remove $($purgearray.count) stale IP Addresses from $FQDNIpSetName" | |
| $null = Get-NsxIpSet -name $FQDNIpSetName | Remove-NsxIpSetMember -IPaddress $global:purgearray | |
| } | |
| } | |
| catch { | |
| #write-host "No stale IPv4 entries to remove" | |
| } | |
| } | |
| #Remove old IPv6 Addresses if new $updatedIPs6 are added | |
| write-host "Tidying IPv6 entries" | |
| if ($existingip6.value -gt 0){ | |
| try { | |
| $splitEIp6 = $existingip6.value.Split(",") | |
| $global:existingipArray6 = @() | |
| foreach ($eip6 in $splitEIp6) { | |
| foreach ($ipv6 in $ipv6only) { | |
| if ($eip6 -ne $ipv6){ | |
| $global:existingipArray6 += $eip6 | |
| } | |
| } | |
| } | |
| $global:purgearray6 = $existingiparray6 | Select -Unique | |
| if ($purgearray6.count -gt '0'){ | |
| #write-host "Attempting to remove $($purgearray6.count) stale IP Addresses from $FQDNIpSetName6" | |
| $null = Get-NsxIpSet -name $FQDNIpSetName6 | Remove-NsxIpSetMember -IPaddress $global:purgearray6 | |
| } | |
| } | |
| catch { | |
| #write-host "No stale IPv6 entries to remove" | |
| } | |
| } | |