ipset and Cloudflare
While setting up the server for this blog I stumbled across the problem of whitelisting Cloudflare’s IP ranges in iptables.
After a quick search I realized a smart and efficient way to do this is using ipset.
Thus I created a script to download Cloudflare’s latest IPv4 ranges and create an ipset list out of it.
After running it you can use it in your iptables rules like this:
-A INPUT -p tcp -m tcp --dport 443 -m set --match-set cloudflare src -j ACCEPT
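A sketch of such a download-and-load step, as an added example rather than the script this post refers to: it validates every downloaded line before it reaches ipset and swaps the new set in atomically. The URL https://www.cloudflare.com/ips-v4, the staging set name `cloudflare-new`, the `--apply` argument and the "/8 or longer" prefix policy are assumptions of this example.

```shell
#!/bin/sh
# Added example, not the post's script. Assumed names: URL, cloudflare-new, --apply.
SET_NAME=cloudflare                      # set name matched by the iptables rule
URL=https://www.cloudflare.com/ips-v4    # Cloudflare's published IPv4 list

# stdin: candidate ranges, one per line. stdout: input for `ipset restore`.
# Only strict IPv4 CIDR lines survive, so an HTML error page or a tampered
# response cannot smuggle extra ipset commands into the restore file.
# Assumed policy: prefixes shorter than /8 are refused (0.0.0.0/0 would
# turn the allowlist into "accept everyone").
build_restore() {
    echo "create ${SET_NAME}-new hash:net family inet"
    echo "flush ${SET_NAME}-new"
    tr -d '\r' | awk -v name="${SET_NAME}-new" '
        /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\/[0-9]+$/ {
            split($0, p, "[./]")
            if (p[1]+0 <= 255 && p[2]+0 <= 255 && p[3]+0 <= 255 &&
                p[4]+0 <= 255 && p[5]+0 >= 8 && p[5]+0 <= 32)
                print "add " name " " $0
        }'
}

# Download, validate, then swap the staged set into place atomically so the
# rule never matches against a half-filled set. Needs root, curl and ipset.
apply_set() {
    tmp=$(mktemp) || return 1
    curl -fsS --max-time 20 "$URL" | build_restore > "$tmp"
    # An empty result (download failed, format changed) must not replace the
    # live set: the ACCEPT rule would then match nothing.
    if [ "$(grep -c '^add ' "$tmp")" -lt 1 ]; then
        echo "no valid ranges received, keeping current set" >&2
        rm -f "$tmp"; return 1
    fi
    ipset -exist create "$SET_NAME" hash:net family inet &&
    ipset -exist restore < "$tmp" &&
    ipset swap "${SET_NAME}-new" "$SET_NAME" &&
    ipset destroy "${SET_NAME}-new"
    rc=$?; rm -f "$tmp"; return $rc
}

if [ "${1:-}" = "--apply" ]; then apply_set; fi
```

Run it as root with `--apply` before loading the iptables rules, because a rule that references a set which does not exist yet fails to load.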