This repository is automatically updated with EVERTRUST's CIDR ranges for whitelisting purposes. Each line represents a valid CIDR range according to RFC 4632.
The latest version is available at all times at: https://raw.githubusercontent.com/evertrust/ip-addresses/main/ips.txt.
We recommend pulling this database every day, as we may add or remove addresses with a 48h interval.
For conveniance purposes, this repository also keeps an index of some third-party vendor IPs lists that are regularly updated. These lists come without any guarantee and are usually tailored for EVERTRUST's software integrations.
Currently, the following lists are maintained:
-
azuread_ips.txt: the list of IPs used for SCIM provisioning for Entra (formerly Azure AD)
-
betteruptime_ips.txt: the list of IPs used for Better Uptime
-
jamf_ips.txt: the list of IPs used for Jamf.
Generate a Kubernetes ConfigMap with one ModSecurity rule file per IP list:
mise run generate-modsecurity-configmapThis writes modsecurity-rules-configmap.yaml. The ConfigMap keys keep the service names, for example azuread.conf, betteruptime.conf, and jamf.conf. The root ips.txt list is written as evertrust.conf.
Each generated file sets tx.allowed_source_ip=1 when REMOTE_ADDR matches its IP list.
Set CONFIGMAP_NAME or pass an output path to the script to customize the generated manifest:
CONFIGMAP_NAME=my-modsecurity-rules ./scripts/generate_modsecurity_configmap.sh ./configmap.yaml