Tag Archives: Network

Validate IP Addresses and Networks with CIDR in Python

Python has a built-in package named ipaddress

You don’t need to install anything to use it.

This simple code shows how to use it

import ipaddress


def check_ip(s_ip_or_net):
    b_valid = True
    try:
        # The IP Addresses are expected to be passed without / even if it's /32 it would fail
        # If it uses / so, the CIDR notation, check it as a Network, even if it's /32
        if "/" in s_ip_or_net:
            o_net = ipaddress.ip_network(s_ip_or_net)
        else:
            o_ip = ipaddress.ip_address(s_ip_or_net)

    except ValueError:
        b_valid = False

    return b_valid


if __name__ == "__main__":
    a_ips = ["127.0.0.2.4",
             "127.0.0.0",
             "192.168.0.0",
             "192.168.0.1",
             "192.168.0.1 ",
             "192.168.0. 1",
             "192.168.0.1/32",
             "192.168.0.1 /32",
             "192.168.0.0/32",
             "192.0.2.0/255.255.255.0",
             "0.0.0.0/31",
             "0.0.0.0/32",
             "0.0.0.0/33",
             "1.2.3.4",
             "1.2.3.4/24",
             "1.2.3.0/24"]

    for s_ip in a_ips:
        b_success = check_ip(s_ip)
        if b_success is True:
            print(f"The IP Address or Network {s_ip} is valid")
        else:
            print(f"The IP Address or Network {s_ip} is not valid")

And the output is like this:

The IP Address or Network 127.0.0.2.4 is not valid
The IP Address or Network 127.0.0.0 is valid
The IP Address or Network 192.168.0.0 is valid
The IP Address or Network 192.168.0.1 is valid
The IP Address or Network 192.168.0.1  is not valid
The IP Address or Network 192.168.0. 1 is not valid
The IP Address or Network 192.168.0.1/32 is valid
The IP Address or Network 192.168.0.1 /32 is not valid
The IP Address or Network 192.168.0.0/32 is valid
The IP Address or Network 192.0.2.0/255.255.255.0 is valid
The IP Address or Network 0.0.0.0/31 is valid
The IP Address or Network 0.0.0.0/32 is valid
The IP Address or Network 0.0.0.0/33 is not valid
The IP Address or Network 1.2.3.4 is valid
The IP Address or Network 1.2.3.4/24 is not valid
The IP Address or Network 1.2.3.0/24 is valid

As you can read in the code comments, ipaddress.ip_address() will not validate an IP Address with the CIDR notation, even if it’s /32.

You should strip the /32 or use ipaddress.ip_network() instead.

As you can see 1.2.3.4/24 is returned as not valid.

You can pass the parameter strict=False and it will be returned as valid.

ipaddress.ip_network(s_ip_or_net, strict=False)

Blocking Russian and Belarus IP Addresses in Ubuntu’s Firewall

Last update: 2022-08-21

Me, as everybody in the civilized world, I’m shocked by the brutal invasion of Ukraine by Russia.

I’ve known brilliant IT Ukrainian Engineers and I have known how they have been helping companies around the world with their coding skills.

Me as everybody else have been receiving attacks from Russian and Belarus (and China) Ip Addresses in a daily basis for years, but I only blocked on the firewall the offending Ips.

But after the Russian invasion of Ukraine and the shelling over cities, and the murder of innocent people, families… not talking about the craziness of attacking the biggest nuclear power plant in Europe, I think that’s enough.

I know it can be argued that if the Russian population, which is not guilty of the decisions of their dictator president, are isolated from Internet they will be more alone. But I think that people that want peace, need to do something to set it clear that we don’t want anything to do with dictators that do not respect basic Human Rights.

Must say I have very nice Russian friends that are totally against the Russian invasion of Ukraine.

And obviously it doesn’t look like that Russian president is going to stop there. It looks to me like again, another crazy dictator is trying to invade Europe and enslave their nations. Also the repression against their own Russian population and the prosecution of Free of Speech, are unacceptable. And as a Catalan I know about this.

As Engineer, the only thing I can do is speak up and say No. This is bad. My way of doing that, is contributing to let the Russians know that the rest of the world do not approve invasions, violence and repression. And I’m adding my blog to the list of services that will not work in Russia and in Belarus.

I’ll be blocking in the Firewall any Russian and Belarus Ip Address I get to know until they leave Ukraine.

And I’ll share with you how you can do the same, and the Ip ranges that I found.

How to know if an IP belongs to Russia or Belarus

There are geographic databases that quickly will tell you.

But if you want to do it by yourself, in Linux you can do like this:

whois -a 94.231.154.121

In this case the IP that visited my blog belong to an ISP (Internet Service Provider). Their range is 94.231.144.0 to 94.231.159.255.

That range is the equivalent to 16 class C (or a mask /24 or in other words, 256 addresses):

  1. 94.231.144.0/24
  2. 94.231.145.0/24
  3. 94.231.146.0/24
  4. 94.231.147.0/24
  5. 94.231.148.0/24
  6. 94.231.149.0/24
  7. 94.231.150.0/24
  8. 94.231.151.0/24
  9. 94.231.152.0/24
  10. 94.231.153.0/24
  11. 94.231.154.0/24
  12. 94.231.155.0/24
  13. 94.231.156.0/24
  14. 94.231.157.0/24
  15. 94.231.158.0/24
  16. 94.231.159.0/24

These 16 class C /24, can be expressed as 8 /23, or 4 /22 or 2 /21 or one /20.

It is not always possible to use a mask for all the Ip’s of a provider, as they may have an even distribution, so in case of doubt you can use the route listed by whois for the ip you queried.

In this case I can use 94.231.144.0/20 so, 4,096 IP Addresses. I’m going to block them:

sudo ufw insert 1 deny from 94.231.144.0/20 to any

I’m going to block 2,097,152 of IP Addresses assigned to Russia in four ranges of 512K:

ufw insert 1 deny from 5.136.0.0/13 to any
ufw insert 1 deny from 95.24.0.0/13 to any
ufw insert 1 deny from 176.208.0.0/13 to any
ufw insert 1 deny from 178.64.0.0/13 to any

And few more blocks of 64K, 32K, 16K, 8K, 4K, 1K, 2K, 512 and 256 (/24) IP Addresses sorted, that connected to the blog:

ufw insert 1 deny from 5.18.0.0/16 to any
ufw insert 1 deny from 37.192.0.0/16 to any
ufw insert 1 deny from 109.252.0.0/16 to any
ufw insert 1 deny from 128.71.0.0/16 to any
ufw insert 1 deny from 194.220.0.0/16 to any
ufw insert 1 deny from 92.101.0.0/17 to any
ufw insert 1 deny from 92.255.128.0/17 to any
ufw insert 1 deny from 178.154.128.0/17 to any
ufw insert 1 deny from 37.9.64.0/18 to any
ufw insert 1 deny from 93.100.64.0/18 to any
ufw insert 1 deny from 93.100.128.0/18 to any
ufw insert 1 deny from 93.124.64.0/18 to any
ufw insert 1 deny from 141.8.128.0/18 to any
ufw insert 1 deny from 46.3.160.0/19 to any
ufw insert 1 deny from 46.38.96.0/19 to any
ufw insert 1 deny from 85.174.192.0/19 to any
ufw insert 1 deny from 85.234.32.0/19 to any
ufw insert 1 deny from 90.188.224.0/19 to any
ufw insert 1 deny from 94.242.0.0/19 to any
ufw insert 1 deny from 37.9.0.0/20 to any
ufw insert 1 deny from 37.9.32.0/20 to any
ufw insert 1 deny from 37.9.144.0/20 to any
ufw insert 1 deny from 46.148.192.0/20 to any
ufw insert 1 deny from 77.245.208.0/20 to any
ufw insert 1 deny from 79.110.64.0/20 to any
ufw insert 1 deny from 93.182.16.0/20 to any
ufw insert 1 deny from 95.152.32.0/20 to any
ufw insert 1 deny from 95.152.48.0/20 to any
ufw insert 1 deny from 109.168.224.0/20 to any
ufw insert 1 deny from 217.25.224.0/20 to any
ufw insert 1 deny from 217.114.144.0/20 to any
ufw insert 1 deny from 37.9.48.0/21 to any
ufw insert 1 deny from 37.9.128.0/21 to any
ufw insert 1 deny from 37.9.240.0/21 to any
ufw insert 1 deny from 85.202.0.0/21 to any
ufw insert 1 deny from 90.151.136.0/21 to any
ufw insert 1 deny from 95.72.24.0/21 to any
ufw insert 1 deny from 95.72.104.0/21 to any
ufw insert 1 deny from 195.133.152.0/21 to any
ufw insert 1 deny from 5.164.228.0/22 to any
ufw insert 1 deny from 5.164.248.0/22 to any
ufw insert 1 deny from 37.113.12.0/22 to any
ufw insert 1 deny from 37.113.32.0/22 to any
ufw insert 1 deny from 37.113.44.0/22 to any
ufw insert 1 deny from 37.113.52.0/22 to any
ufw insert 1 deny from 37.113.60.0/22 to any
ufw insert 1 deny from 37.113.136.0/22 to any
ufw insert 1 deny from 46.146.4.0/22 to any
ufw insert 1 deny from 62.217.188.0/22 to any
ufw insert 1 deny from 79.173.88.0/22 to any
ufw insert 1 deny from 91.204.148.0/22 to any
ufw insert 1 deny from 91.210.4.0/22 to any
ufw insert 1 deny from 91.219.56.0/22 to any
ufw insert 1 deny from 94.181.44.0/22 to any
ufw insert 1 deny from 94.181.164.0/22 to any
ufw insert 1 deny from 95.79.88.0/22 to any
ufw insert 1 deny from 95.170.152.0/22 to any
ufw insert 1 deny from 109.194.240.0/22 to any
ufw insert 1 deny from 109.194.244.0/22 to any
ufw insert 1 deny from 109.194.252.0/22 to any
ufw insert 1 deny from 178.17.180.0/22 to any
ufw insert 1 deny from 178.76.220.0/22 to any
ufw insert 1 deny from 195.133.16.0/22 to any
ufw insert 1 deny from 212.192.244.0/22 to any
ufw insert 1 deny from 212.193.184.0/22 to any
ufw insert 1 deny from 5.188.158.0/23 to any
ufw insert 1 deny from 31.173.242.0/23 to any
ufw insert 1 deny from 37.113.56.0/23 to any
ufw insert 1 deny from 46.148.234.0/23 to any
ufw insert 1 deny from 46.242.8.0/23 to any
ufw insert 1 deny from 80.95.44.0/23 to any
ufw insert 1 deny from 81.9.126.0/23 to any
ufw insert 1 deny from 83.220.238.0/23 to any
ufw insert 1 deny from 90.154.72.0/23 to any
ufw insert 1 deny from 93.159.230.0/23 to any
ufw insert 1 deny from 188.124.46.0/23 to any
ufw insert 1 deny from 188.130.136.0/23 to any
ufw insert 1 deny from 212.109.196.0/23 to any
ufw insert 1 deny from 5.188.170.0/24 to any
ufw insert 1 deny from 5.188.211.0/24 to any
ufw insert 1 deny from 37.113.58.0/24 to any
ufw insert 1 deny from 46.8.155.0/24 to any
ufw insert 1 deny from 46.8.156.0/24 to any
ufw insert 1 deny from 46.8.222.0/24 to any
ufw insert 1 deny from 46.161.48.0/24 to any
ufw insert 1 deny from 62.76.153.0/24 to any
ufw insert 1 deny from 62.113.118.0/24 to any
ufw insert 1 deny from 83.220.227.0/24 to any
ufw insert 1 deny from 91.230.107.0/24 to any
ufw insert 1 deny from 91.241.19.0/24 to any
ufw insert 1 deny from 91.243.44.0/24 to any
ufw insert 1 deny from 91.244.183.0/24 to any
ufw insert 1 deny from 94.103.80.0/24 to any
ufw insert 1 deny from 94.103.81.0/24 to any
ufw insert 1 deny from 94.103.82.0/24 to any
ufw insert 1 deny from 94.103.83.0/24 to any
ufw insert 1 deny from 94.103.84.0/24 to any
ufw insert 1 deny from 94.103.85.0/24 to any
ufw insert 1 deny from 94.103.86.0/24 to any
ufw insert 1 deny from 94.103.87.0/24 to any
ufw insert 1 deny from 94.103.88.0/24 to any
ufw insert 1 deny from 94.103.89.0/24 to any
ufw insert 1 deny from 94.103.90.0/24 to any
ufw insert 1 deny from 94.103.91.0/24 to any
ufw insert 1 deny from 94.103.92.0/24 to any
ufw insert 1 deny from 94.103.93.0/24 to any
ufw insert 1 deny from 94.103.94.0/24 to any
ufw insert 1 deny from 94.103.95.0/24 to any
ufw insert 1 deny from 94.140.138.0/24 to any
ufw insert 1 deny from 109.107.180.0/24 to any
ufw insert 1 deny from 109.194.21.0/24 to any
ufw insert 1 deny from 109.248.128.0/24 to any
ufw insert 1 deny from 176.113.115.0/24 to any
ufw insert 1 deny from 178.20.43.0/24 to any
ufw insert 1 deny from 178.176.214.0/24 to any
ufw insert 1 deny from 178.204.251.0/24 to any
ufw insert 1 deny from 179.60.149.0/24 to any
ufw insert 1 deny from 185.7.214.0/24 to any
ufw insert 1 deny from 185.9.187.0/24 to any
ufw insert 1 deny from 185.63.61.0/24 to any
ufw insert 1 deny from 185.76.147.0/24 to any
ufw insert 1 deny from 185.88.102.0/24 to any
ufw insert 1 deny from 192.166.119.0/24 to any
ufw insert 1 deny from 193.218.118.0/24 to any
ufw insert 1 deny from 194.87.218.0/24 to any
ufw insert 1 deny from 194.186.207.0/24 to any
ufw insert 1 deny from 194.190.90.0/24 to any
ufw insert 1 deny from 213.135.156.0/24 to any

Also, I have these additional assorted Russian IP Addresses Ranges, which also connected to the blog:

ufw insert 1 deny from 94.140.134.0/24 to any
ufw insert 1 deny from 5.167.48.0/22 to any
ufw insert 1 deny from 188.225.85.0/24 to any

ufw insert 1 deny from 188.170.175.0/24 to any
ufw insert 1 deny from 93.124.32.0/20 to any
ufw insert 1 deny from 213.226.123.0/24 to any
ufw insert 1 deny from 128.69.80.0/24 to any

ufw insert 1 deny from 176.226.128.0/19 to any
ufw insert 1 deny from 89.208.28.0/23 to any
ufw insert 1 deny from 88.201.128.0/20 to any

ufw insert 1 deny from 94.245.135.0/24 to any

ufw insert 1 deny from 95.161.221.0/24 to any

ufw insert 1 deny from 95.84.192.0/18 to any

ufw insert 1 deny from 92.100.0.0/16 to any

ufw insert 1 deny from 88.147.152.0/24 to any

ufw insert 1 deny from 194.190.179.0/24 to any

ufw insert 1 deny from 178.237.248.0/22 to any

ufw insert 1 deny from 94.25.128.0/17 to any

ufw insert 1 deny from 37.20.128.0/17 to any

ufw insert 1 deny from 85.113.128.0/21 to any

ufw insert 1 deny from 45.9.20.0/24 to any

ufw insert 1 deny from 91.225.25.0/24 to any
ufw insert 1 deny from 5.164.136.0/22 to any

ufw insert 1 deny from 31.210.223.0/24 to any

ufw insert 1 deny from 5.175.96.0/20 to any

ufw insert 1 deny from 149.255.24.0/21 to any

ufw insert 1 deny from 109.174.112.0/22 to any

ufw insert 1 deny from 188.127.242.0/24 to any

ufw insert 1 deny from 92.248.220.0/22 to any

ufw insert 1 deny from 178.155.4.0/24 to any
ufw insert 1 deny from 79.173.80.0/22 to any

ufw insert 1 deny from 188.254.0.0/17 to any

ufw insert 1 deny from 193.106.191.0/24 to any

ufw insert 1 deny from 95.55.0.0/17 to any
ufw insert 1 deny from 217.25.208.0/20 to any
ufw insert 1 deny from 31.132.232.0/21 to any
ufw insert 1 deny from 93.92.192.0/21 to any
ufw insert 1 deny from 95.32.128.0/23 to any
ufw insert 1 deny from 188.233.52.0/22 to any
ufw insert 1 deny from 87.244.6.0/24 to any
ufw insert 1 deny from 91.232.108.0/22 to any
ufw insert 1 deny from 84.42.32.0/19 to any
ufw insert 1 deny from 46.0.52.0/22 to any
ufw insert 1 deny from 79.133.112.0/21 to any
ufw insert 1 deny from 178.184.0.0/17 to any
ufw insert 1 deny from 178.34.148.0/22 to any
ufw insert 1 deny from 94.19.192.0/18 to any
ufw insert 1 deny from 77.223.68.0/22 to any
ufw insert 1 deny from 46.138.0.0/16 to any
ufw insert 1 deny from 37.110.0.0/17 to any
ufw insert 1 deny from 78.132.232.0/21 to any
ufw insert 1 deny from 188.255.0.0/17 to any
ufw insert 1 deny from 212.193.138.0/24 to any
ufw insert 1 deny from 46.0.203.0/24 to any
ufw insert 1 deny from 213.234.222.0/24 to any
ufw insert 1 deny from 94.180.140.0/22 to any

ufw insert 1 deny from 176.119.140.0/24 to any
ufw insert 1 deny from 94.181.152.0/22 to any
ufw insert 1 deny from 109.248.14.0/24 to any
ufw insert 1 deny from 109.248.129.0/24 to any
ufw insert 1 deny from 109.248.55.0/24 to any
ufw insert 1 deny from 45.135.33.0/24 to any

ufw insert 1 deny from 5.8.10.0/24 to any
ufw insert 1 deny from 80.66.65.0/24 to any
ufw insert 1 deny from 45.146.164.0/22 to any
ufw insert 1 deny from 31.129.3.0/24 to any
ufw insert 1 deny from 46.235.64.0/23 to any
ufw insert 1 deny from 93.187.184.0/21 to any
ufw insert 1 deny from 77.37.192.0/18 to any
ufw insert 1 deny from 78.153.130.0/24 to any
ufw insert 1 deny from 195.68.128.0/18 to any
ufw insert 1 deny from 79.139.128.0/17 to any

ufw insert 1 deny from 62.233.50.0/24 to any
ufw insert 1 deny from 194.79.45.0/24 to any
ufw insert 1 deny from 83.69.224.0/19 to any
ufw insert 1 deny from 77.35.0.0/18 to any
ufw insert 1 deny from 62.113.115.0/24 to any
ufw insert 1 deny from 136.169.255.0/24 to any
ufw insert 1 deny from 136.169.254.0/24 to any
ufw insert 1 deny from 136.169.253.0/24 to any
ufw insert 1 deny from 136.169.252.0/24 to any
ufw insert 1 deny from 136.169.251.0/24 to any
ufw insert 1 deny from 136.169.250.0/24 to any
ufw insert 1 deny from 136.169.249.0/24 to any
ufw insert 1 deny from 136.169.248.0/24 to any
ufw insert 1 deny from 136.169.247.0/24 to any
ufw insert 1 deny from 136.169.246.0/24 to any
ufw insert 1 deny from 136.169.245.0/24 to any
ufw insert 1 deny from 136.169.244.0/24 to any
ufw insert 1 deny from 136.169.243.0/24 to any
ufw insert 1 deny from 136.169.242.0/24 to any
ufw insert 1 deny from 136.169.241.0/24 to any
ufw insert 1 deny from 136.169.240.0/24 to any
ufw insert 1 deny from 5.228.0.0/16 to any
ufw insert 1 deny from 176.59.64.0/19 to any
ufw insert 1 deny from 80.82.60.0/22 to any
ufw insert 1 deny from 37.204.0.0/16 to any
ufw insert 1 deny from 188.32.0.0/16 to any
ufw insert 1 deny from 213.234.251.0/24 to any
ufw insert 1 deny from 77.35.128.0/18 to any
ufw insert 1 deny from 46.72.192.0/19 to any
ufw insert 1 deny from 91.239.85.0/24 to any
ufw insert 1 deny from 178.176.64.0/19 to any
ufw insert 1 deny from 37.252.224.0/19 to any

ufw insert 1 deny from 178.140.0.0/16 to any
ufw insert 1 deny from 83.220.240.0/20 to any
ufw insert 1 deny from 109.237.100.0/22 to any
ufw insert 1 deny from 89.185.85.0/24 to any
ufw insert 1 deny from 195.91.168.0/24 to any
ufw insert 1 deny from 95.84.32.0/19 to any
ufw insert 1 deny from 46.182.129.0/24 to any
ufw insert 1 deny from 46.182.130.0/24 to any
ufw insert 1 deny from 46.182.131.0/24 to any
ufw insert 1 deny from 46.182.132.0/24 to any
ufw insert 1 deny from 46.182.133.0/24 to any
ufw insert 1 deny from 46.182.134.0/24 to any
ufw insert 1 deny from 46.182.135.0/24 to any
ufw insert 1 deny from 136.169.128.0/18 to any
ufw insert 1 deny from 46.146.0.0/18 to any
ufw insert 1 deny from 46.146.64.0/19 to any
ufw insert 1 deny from 5.165.128.0/21 to any
ufw insert 1 deny from 78.29.96.0/19 to any
ufw insert 1 deny from 95.105.96.0/19 to any
ufw insert 1 deny from 95.104.192.0/21 to any
ufw insert 1 deny from 94.232.40.0/21 to any
ufw insert 1 deny from 77.35.224.0/19 to any
ufw insert 1 deny from 46.235.66.0/23 to any
ufw insert 1 deny from 178.45.248.0/21 to any
ufw insert 1 deny from 213.87.128.0/20 to any
ufw insert 1 deny from 185.60.44.0/22 to any
ufw insert 1 deny from 5.188.62.0/24 to any

ufw insert 1 deny from 93.124.48.0/20 to any
ufw insert 1 deny from 194.24.240.0/24 to any
ufw insert 1 deny from 188.187.68.0/22 to any
ufw insert 1 deny from 94.45.4.0/22 to any
ufw insert 1 deny from 88.83.192.0/19 to any
ufw insert 1 deny from 94.180.172.0/22 to any
ufw insert 1 deny from 213.108.0.0/22 to any
ufw insert 1 deny from 2.92.0.0/16 to any
ufw insert 1 deny from 176.114.64.0/24 to any
ufw insert 1 deny from 88.147.153.0/24 to any
ufw insert 1 deny from 109.248.138.0/23 to any

ufw insert 1 deny from 46.3.196.0/24 to any
ufw insert 1 deny from 212.248.0.0/17 to any
ufw insert 1 deny from 88.147.173.0/24 to any
ufw insert 1 deny from 95.79.132.0/22 to any
ufw insert 1 deny from 46.235.68.0/23 to any
ufw insert 1 deny from 5.227.0.0/17 to any
ufw insert 1 deny from 178.204.0.0/15 to any

ufw insert 1 deny from 94.181.184.0/22 to any
ufw insert 1 deny from 94.181.176.0/20 to any
ufw insert 1 deny from 188.130.129.0/24 to any

# Not 100% this one is russian
ufw insert 1 deny from 85.192.63.0/24 to any

ufw insert 1 deny from 85.192.63.0/24 to any
ufw insert 1 deny from 83.220.236.0/22 to any
ufw insert 1 deny from 95.110.32.0/19 to any
ufw insert 1 deny from 83.149.21.0/24 to any

I’ve identified this range of 32K, 8K IP Addresses and a class C from Belarus:

ufw insert 1 deny from 178.154.0.0/17 to any
ufw insert 1 deny from 134.17.160.0/19 to any
ufw insert 1 deny from 86.57.147.0/24 to any

If you need a CIDR / subnet calculator this is great: https://www.calculator.net/ip-subnet-calculator.html

I write all these ranges in a script, so I can apply to all my Servers, and so I can remove them from the Firewalls when Russia and Belarus leave Ukraine.