This is an old revision of the document!

GeoIP Filtering on Ubuntu 12.04 LTS

Though Ubuntu Linux offers packages for GeoIP filtering, some manual steps are still required for realization.

  1. Install the Kernel module + userspace programs 
    sudo aptitude install xtables-addons-common
  2. Create the directory for the GeoIP list 
    sudo mkdir /usr/share/xt_geoip
  3. Install the Perl module (optional) 
    sudo aptitude install libtext-csv-xs-perl
  4. Download GeoIP list 
    sudo /usr/lib/xtables-addons/xt_geoip_dl
  5. Convert the GeoIP list 
    sudo /usr/lib/xtables-addons/xt_geoip_build -D /usr/share/xt_geoip *.csv
  6. Test everything 
    sudo iptables -F && iptables -A OUTPUT -m geoip --dst-cc US -j DROP
    This will block all outgoing traffic to IP addresses located in the USA, next you can try to visit Google, this should not work anymore. LOL

References:

  1. Robert Haddon's Blog, Words from High, (last visited on 2012-10-27)
  2. xtables on sourceforge.net, (last visited on 2012-10-27)
  • Last modified: 2020/09/16 20:57