We go to site web official the maxmind https://dev.maxmind.com/geoip/geoip2/geolite2/
I recommendation read terms and conditions the use.
We go to https://www.maxmind.com/en/geolite2/signup we make process the registration and we login.
Being logged we will a download files.
And download GeoLite2 Country format CSV in Download zip.
The contend inside the file zip, uncompressed the files GeoLite2-Country-Blocks-IPv6.csv and GeoLite2-Country-Blocks-IPv4.csv.
.
We clone following project https://github.com/mschmitt/GeoLite2xtables and we copied this tow file inside the folder cloned.
# git clone https://github.com/mschmitt/GeoLite2xtables
# cd GeoLite2xtables/
Download file countryInfo.txt
# curl http://download.geonames.org/export/dump/countryInfo.txt
We convert file to format legacy necessary for the it's working.
# cat GeoLite2-Country-Blocks-IPv{4,6}.csv |
./20_convert_geolite2 CountryInfo.txt > /usr/share/xt_geoip/GeoIP-legacy.csv
We build the file GeoIP-legacy.csv with next command.
# /usr/lib/xtables-addons/xt_geoip_build -D /usr/share/xt_geoip /usr/share/xt_geoip/GeoIP-legacy.csv
This generate two folders named LE and BE in the path /usr/share/xt_geoip/.
Check using iptables with next command. Here's the basic syntax for using iptables
# iptables -m geoip --src-cc country[,country...] --dst-cc country[,country...]
Example
# iptables -I INPUT -m geoip --src-cc IN,US -j DROP
0 Comments