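#!/usr/bin/env bash
#
# Build nftables "define" files from Amazon's published ip-ranges.json feed.
#
# Outputs:
#   ${DIR}/defines-amazon_ipv4.nft  ->  define amazon_ipv4 = { ... }
#   ${DIR}/defines-amazon_ipv6.nft  ->  define amazon_ipv6 = { ... }
#
# The feed is downloaded only when no cached copy exists; an existing copy is
# reused as-is and is never refreshed by this script.
#
# Requires: curl, jq.

set -euo pipefail

AMAZON_IP_RANGES=https://ip-ranges.amazonaws.com/ip-ranges.json
# NOTE(review): the cache lives under a fixed name in a world-writable
# directory. Anything found there ends up in firewall definitions, so
# fetch_ranges only accepts a regular file owned by the invoking user.
IPRANGES_json=/tmp/ip-ranges.json
#DIR=/etc/nftables.d  # uncomment this and comment following line for replacing by cron
DIR=/tmp
IPV4=${DIR}/defines-amazon_ipv4.nft
IPV6=${DIR}/defines-amazon_ipv6.nft

# Shape checks applied to every feed entry before it is written out. They are
# deliberately loose (not full address validation); their job is to keep
# anything that is not "address/prefix-length" out of the nftables files.
readonly IPV4_CIDR_RE='^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}$'
readonly IPV6_CIDR_RE='^[0-9A-Fa-f:]+/[0-9]{1,3}$'

# Temporary files created during the run; removed on every exit path.
tmpfiles=()

# Print a message to stderr and abort.
die() {
  printf '%s: %s\n' "${0##*/}" "$*" >&2
  exit 1
}

# Remove any staging files left behind (after a successful mv they no longer
# exist, and rm -f ignores that).
cleanup() {
  if (( ${#tmpfiles[@]} )); then
    rm -f -- "${tmpfiles[@]}"
  fi
}
trap cleanup EXIT

#######################################
# Make sure a trustworthy copy of the feed exists at IPRANGES_json.
# Globals:   IPRANGES_json, AMAZON_IP_RANGES (read), tmpfiles (appended)
# Returns:   0 when the cache is usable; exits non-zero otherwise
#######################################
fetch_ranges() {
  local partial

  if [[ -e "${IPRANGES_json}" || -L "${IPRANGES_json}" ]]; then
    # Reuse an existing cache only if it is a plain file we own; a symlink or
    # a file planted by another local user is rejected instead of trusted.
    [[ -f "${IPRANGES_json}" && ! -L "${IPRANGES_json}" && -O "${IPRANGES_json}" ]] \
      || die "refusing to use ${IPRANGES_json}: not a regular file owned by this user"
    return 0
  fi

  # Download next to the final path and rename afterwards, so a failed or
  # partial transfer never becomes the cached copy.
  partial=$(mktemp "${IPRANGES_json}.XXXXXX") || die "mktemp failed for ${IPRANGES_json}"
  tmpfiles+=("${partial}")

  # --fail: an HTTP error page must not be stored as the feed.
  # --proto =https: never fall back to a non-TLS scheme, including on redirect.
  curl --fail --proto '=https' -Ro "${partial}" "${AMAZON_IP_RANGES}" \
    || die "download of ${AMAZON_IP_RANGES} failed"

  mv -f -- "${partial}" "${IPRANGES_json}" || die "cannot install ${IPRANGES_json}"
}

#######################################
# Write one nftables define file from the cached feed.
# Arguments: $1 - define name (e.g. amazon_ipv4)
#            $2 - jq filter yielding one prefix per line
#            $3 - regex every prefix must match
#            $4 - destination file
# Globals:   IPRANGES_json (read), tmpfiles (appended)
# Returns:   0 on success; exits non-zero and leaves the destination
#            untouched if the feed is unreadable, empty or malformed
#######################################
write_define() {
  local name=$1 filter=$2 pattern=$3 target=$4
  local prefixes staged prefix

  # jq -r emits raw strings, so no quote stripping is needed afterwards.
  prefixes=$(jq -r "${filter}" "${IPRANGES_json}") \
    || die "jq could not extract ${name} entries from ${IPRANGES_json}"
  [[ -n "${prefixes}" ]] || die "no ${name} entries found in ${IPRANGES_json}"

  # Stage in the destination directory and rename at the end: a reader never
  # sees a half-written define file, and a failed run keeps the previous one.
  staged=$(mktemp "${target}.XXXXXX") || die "mktemp failed for ${target}"
  tmpfiles+=("${staged}")

  {
    printf 'define %s = {\n' "${name}"
    while IFS= read -r prefix; do
      # Fail closed: one malformed entry aborts the whole run.
      [[ "${prefix}" =~ ${pattern} ]] \
        || die "feed contains a ${name} entry that is not a CIDR prefix"
      printf ' %s,\n' "${prefix}"
    done <<<"${prefixes}"
    printf '}\n'
  } >"${staged}"

  # mktemp creates the file 0600; restore ordinary read permissions.
  chmod 0644 -- "${staged}" || die "chmod failed for ${staged}"
  mv -f -- "${staged}" "${target}" || die "cannot install ${target}"
}

main() {
  local tool
  for tool in curl jq; do
    command -v "${tool}" >/dev/null || die "required tool not found: ${tool}"
  done

  # --- download file if not already here ---
  fetch_ranges

  # ------ create IPv4 define file ------
  write_define amazon_ipv4 '.prefixes[].ip_prefix' "${IPV4_CIDR_RE}" "${IPV4}"

  # ------ create IPv6 define file ------
  write_define amazon_ipv6 '.ipv6_prefixes[].ipv6_prefix' "${IPV6_CIDR_RE}" "${IPV6}"
}

main "$@"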