Skip to content

Instantly share code, notes, and snippets.

@baydakovss

baydakovss/iptables_geoip_debian.md

Forked from netrunn3r/iptables_geoip_debian.md
Created April 6, 2022 15:21
Show Gist options
  • Save baydakovss/6393f3e97383eb26d2bdd4aab6e48b2b to your computer and use it in GitHub Desktop.
Save baydakovss/6393f3e97383eb26d2bdd4aab6e48b2b to your computer and use it in GitHub Desktop.
Download ZIP
Install geoip for iptables in Debian 10
Raw
iptables_geoip_debian.md
  1. change from buster to bullseye
  2. sudo apt install libnet-cidr-lite-perl libtext-csv-xs-perl libgeoip2-perl

for day of writing, there is a problem with building by dkms this package xtables-addons-common so wehave to install this from source

  1. sudo apt install pkg-config libxtables-dev
  2. wget http://inai.de/files/xtables-addons/xtables-addons-3.13.tar.xz
  3. tar xf xtables-addons-3.13.tar.xz
  4. cd xtables-addons-3.13/
  5. ./configure
  6. make
  7. sudo make install
  8. sudo depmod -a
  9. sudo modprobe x_tables
  10. sudo modprobe xt_geoip
  11. cd geoip
  12. manual download GeoLite2-Country-CSV.zip from maxmind.com
  13. ./xt_geoip_dl_maxmind
  14. cd GeoLite2-Country-CSV_20201124/
  15. sudo mkdir -p /usr/share/xt_geoip
  16. sudo ../xt_geoip_build_maxmind -D /usr/share/xt_geoip/
  17. sudo iptables -I INPUT -m geoip ! --src-cc XX -j DROP

Refenreces:

  1. https://www.reddit.com/r/debian/comments/d6mnsa/firewall_with_geoip_capability_on_debian_10/
  2. https://tracker.debian.org/pkg/xtables-addons
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment