#!/bin/bash
#
# AMAZON-LEO IP Ranges - iptables/ipset rules
# ASN: AS801
# Generated: 2025-12-15
# Source: ScaniteX (https://scanitex.com)
#
# Usage: chmod +x this_script.sh && sudo ./this_script.sh
#

# Create IPv4 ipset
ipset create amazonleo_v4 hash:net -exist
ipset flush amazonleo_v4

# Add IPv4 ranges
ipset add amazonleo_v4 35.96.244.0/24
ipset add amazonleo_v4 35.96.38.0/24
ipset add amazonleo_v4 35.96.56.0/24
ipset add amazonleo_v4 35.96.5.0/24
ipset add amazonleo_v4 35.96.34.0/24
ipset add amazonleo_v4 35.96.32.0/24
ipset add amazonleo_v4 35.96.43.0/24
ipset add amazonleo_v4 35.96.36.0/24
ipset add amazonleo_v4 35.96.46.0/24
ipset add amazonleo_v4 35.96.44.0/24
ipset add amazonleo_v4 35.96.48.0/23
ipset add amazonleo_v4 35.96.40.0/24
ipset add amazonleo_v4 35.96.35.0/24
ipset add amazonleo_v4 35.96.45.0/24
ipset add amazonleo_v4 35.96.47.0/24
ipset add amazonleo_v4 35.96.33.0/24
ipset add amazonleo_v4 35.96.39.0/24
ipset add amazonleo_v4 35.97.128.0/24
ipset add amazonleo_v4 35.96.50.0/23
ipset add amazonleo_v4 35.96.52.0/23
ipset add amazonleo_v4 35.96.54.0/23
ipset add amazonleo_v4 35.96.58.0/23
ipset add amazonleo_v4 35.96.60.0/23
ipset add amazonleo_v4 35.97.129.0/24

# Create IPv6 ipset
ipset create amazonleo_v6 hash:net family inet6 -exist
ipset flush amazonleo_v6

# Add IPv6 ranges
ipset add amazonleo_v6 2606:7b40:1b12::/48
ipset add amazonleo_v6 2631:0:2::/48
ipset add amazonleo_v6 2606:7b40:1b14::/48
ipset add amazonleo_v6 2631:0:1::/48
ipset add amazonleo_v6 2606:7b40:1b10::/48
ipset add amazonleo_v6 2631:0:3::/48

# Apply iptables rules (uncomment to use)
# iptables -A INPUT -m set --match-set amazonleo_v4 src -j ACCEPT
# iptables -A INPUT -m set --match-set amazonleo_v4 src -j DROP
# ip6tables -A INPUT -m set --match-set amazonleo_v6 src -j ACCEPT
# ip6tables -A INPUT -m set --match-set amazonleo_v6 src -j DROP

echo "IP ranges for AMAZON-LEO loaded successfully!"
echo "IPv4 ranges: 24"
echo "IPv6 ranges: 6"