On Mon, October 30, 2006 9:05 am, Bill Church wrote:
Mark Weaver wrote:
Gavin Carr wrote:
There are also a bunch of CPAN perl modules that can be used for this e.g. Geo::IP, Geo::IP2Location, Geo::IPfree, etc.
Hi Garvin,
Those are pretty cool... thanks for the heads up I was unaware of them, but they appear to be specifically for gathering geographical data which web master would use and have nothing to do with geo-blocking of spam.
The idea is, the lookup is fairly well debugged and automated through those models, just need some glue to built iptables rules for, especially Geo::IPfree. I would imagine you could do something like this to block all IPs that aren't US or something to that effect:
getcountry.pl: #!/usr/bin/perl use Geo::IPfree; my $new_ip = $ARGV[0] ; print "$new_ip\r\n" ; my ($country,$country_name,$ip) = Geo::IPfree::LookUp($new_ip) ; print "$country_name\r\n" ; if ($country eq "US") { print "US IP!\r\n" ; } else { print "Not US IP!\r\n" ; }
You can just run something like "getcountry.pl 212.5.80.0" (Kaspersky Labs, Russia) which should tell you that it's not a US IP. You could add this as another layer or use it for additional scoring. Obviously you would want to check the variables and all that good security stuff, this is a just a proof of concept.
makes good sense! I will have to get busy and see about incorporating this into the existing program. sure would clean things up more and make it more managable.
many thanks,