iptables GeoIP Ubuntu 16.04 / 18.04

This is New Configuration for GeoIP Blocking support on Ubuntu

Step-1: Install Prerequisites…
# apt-get update
# apt-get install curl unzip perl
# apt-get install xtables-addons-common
# apt-get install libtext-csv-xs-perl libmoosex-types-netaddr-ip-perl

Step-2:  Download the conversion script from Github/Google Drive
# cd /usr/local/src
Download this file from google drive
https://drive.google.com/file/d/1EDX1sJcxTVzGEhG_oFc5_srQZxHUh4mx/view?usp=sharing

OR, you can download the original workout from github..
https://github.com/mschmitt/GeoLite2xtables

Step-3: Convert the New GeoLite2 table..
# mkdir /usr/share/xt_geoip
# cd /usr/local/src/GeoLite2xtables/
# ./00_download_geolite2
# ./10_download_countryinfo
# cat /tmp/GeoLite2-Country-Blocks-IPv{4,6}.csv |./20_convert_geolite2 /tmp/CountryInfo.txt > /usr/share/xt_geoip/GeoIP-legacy.csv
# /usr/lib/xtables-addons/xt_geoip_build -D /usr/share/xt_geoip /usr/share/xt_geoip/GeoIP-legacy.csv

Step-4: Loading the module to the kernel
# modprobe xt_geoip
# lsmod | grep ^xt_geoip

Step-5: Test: the GeoIP loaded Loaded Properly…
Just type on the console..# iptables -m geoip –help

If it outputs like below, then the geoip is loaded properly…

Usage: iptables -[ACD] chain rule-specification [options]
iptables -I chain [rulenum] rule-specification [options]
iptables -R chain rulenum rule-specification [options]
iptables -D chain rulenum [options]
iptables -[LS] [chain [rulenum]] [options]
iptables -[FZ] [chain] [options]
iptables -[NX] chain
iptables -E old-chain-name new-chain-name
iptables -P chain target [options]
iptables -h (print this help information)

Commands:
Either long or short options are allowed.
–append -A chain Append to chain
–check -C chain Check for the existence of a rule
–delete -D chain Delete matching rule from chain
–delete -D chain rulenum
Delete rule rulenum (1 = first) from chain
–insert -I chain [rulenum]
Insert in chain as rulenum (default 1=first)
–replace -R chain rulenum
Replace rule rulenum (1 = first) in chain
–list -L [chain [rulenum]]

[ Output Cut ]

Step-6: Put some Test Rules..
Blocking Russia, China, HongKong to send any mail to my server on 25 port

iptables -A INPUT -m geoip -p tcp –dport 25 –src-cc RU,CN,HK -j DROP

Add a Comment

Your email address will not be published. Required fields are marked *

*