On 12/08/2020 05:25 PM, Steve Wilson wrote: > > On 09/12/2020 00:01, Grant Taylor wrote: >> On 12/8/20 4:44 PM, Steve Wilson wrote: >>> I use this as the first step to limit ssh access to one of my >>> servers: `iptables -A INPUT -p tcp -m tcp --dport 22 -m geoip ! >>> --src-cc GB -m comment --comment "Drop SSH from outside GB" -j DROP` >> >> Has the geoip match extension been updated to take into account >> MaxMind discontinuing their GeoLite database and the need to support >> GeoLite2? >> > The xt_geoip_dl script grabs a csv from > https://db-ip.com/db/download/ip-to-country-lite. I imagine there's a > method for dealing with maxmind's new version and converting to csv if > they don't already provide one for the paid service. > > Steve
Steve, suggested a good alternative database of IP's with two letter country beside them. It can be sorted by country in a spreadsheet. This 16MB file would seem like an ideal solution; but checking is it is missing 212.114.17 number I've checked earlier from the other source. The number 212.114.16 correctly identified as "FR" (France). deny from 212.114.16.0/24 deny from 212.114.17.0/24 The dbip-country-lite-2020-12.csv lists: 212.114.10.0 212.114.15.255 RU 212.114.16.0 212.114.31.255 FR 212.114.32.0 212.114.49.39 DE In addition all numbers 2.61.192.0 is missing as well.
