Both sides previous revision
Previous revision
Next revision
|
Previous revision
Next revision
Both sides next revision
|
howtos:geoip_on_ubuntu [2012/10/27 17:42] zimbernimbra |
howtos:geoip_on_ubuntu [2012/10/27 18:06] zimbernimbra |
GeoIP Filtering on Ubuntu 12.04 LTS | ===== GeoIP filtering on Ubuntu 12.04 LTS ===== |
| |
Though Ubuntu Linux offers packages for GeoIP filtering, some manual steps are still required for realization. | Though Ubuntu Linux offers packages for GeoIP filtering, some manual steps are still required for realization. |
| |
- Install the Kernel module + userspace programs <html><pre>sudo aptitude install xtables-addons-common</pre></html> | - Install the Kernel module + userspace programs <html><p><pre>sudo aptitude install xtables-addons-common</pre></p></html> |
- Create the directory for the GeoIP list <html><pre>sudo mkdir /usr/share/xt_geoip</pre></html> | - Create the directory for the GeoIP list <html><p><pre>sudo mkdir /usr/share/xt_geoip</pre></p></html> |
- Install the Perl module (optional) <html><pre>sudo aptitude install libtext-csv-xs-perl</pre></html> | - Install the Perl module (optional)<html><p><pre>sudo aptitude install libtext-csv-xs-perl</pre></p></html> |
- Download GeoIP list <html><pre>sudo /usr/lib/xtables-addons/xt_geoip_dl</pre></html> | - Download GeoIP list<html><p><pre>sudo /usr/lib/xtables-addons/xt_geoip_dl</pre>This will download the list to the current directory, if you want to change this, do that before execution of this command!</p></html> |
- Convert the GeoIP list <html><pre>sudo /usr/lib/xtables-addons/xt_geoip_build -D /usr/share/xt_geoip *.csv</pre></html> | - Convert the GeoIP list<html><p><pre>sudo /usr/lib/xtables-addons/xt_geoip_build -D /usr/share/xt_geoip *.csv</pre>This will build the output files in /usr/share/xt_geoip and assumes the GeoIP list is located in the current directory. Please also note, that you have to specify "*.csv", otherwise nothing will happen.</p></html> |
- Test everything <html><pre>sudo iptables -F && iptables -A OUTPUT -m geoip --dst-cc US -j DROP</pre></html> This will block all outgoing traffic to IP addresses located in the USA, next you can try to visit [[http://www.google.com|Google]], this should not work anymore. LOL | - Test everything<html><p><pre>sudo iptables -F && iptables -A OUTPUT -m geoip --dst-cc US -j DROP</pre> This will block all outgoing traffic to IP addresses located in the USA, next you can try to visit <a href="http://www.google.com" class="urlextern" title="http://www.google.com" rel="nofollow" target="_blank">Google</a>, this should not work anymore.</p></html> |
| |
__References:__ | __References:__ |