[CentOS] CentOS 6.X, iptables 1.47 and GeoLite2 Country Database
Kenneth Porter
shiva at sewingwitch.com
Tue Jan 15 03:08:39 UTC 2019
--On Monday, January 14, 2019 7:29 AM +0000 Phil Perry <pperry at elrepo.org>
wrote:
> I use ipdeny's aggregated country lists to do the same thing:
>
> http://www.ipdeny.com/ipblocks/data/aggregated/
>
> I just feed this data directly into ipset/iptables via a script running
> on my firewall (not a C6 box). ipset is a really efficient way of doing
> this.
CentOS 7 uses firewalld which has direct support for ipsets in XML form.
Hopefully the site will soon supply the data in that format. (But it's not
hard to generate the files from their format.)
Note that a zip file of all the individual country files can be downloaded
here:
http://www.ipdeny.com/ipblocks/
More information about the CentOS
mailing list