0

I use the GeoLite Legacy databases together with iptables 1.47 to filter traffic for a variety of ports and only allow .AU traffic to have access.

MaxMind changed the default DB to the latest version, which is GeoLite2 (Jan). This leaves all users in need of the old GeoLite Legacy database in the dark; they cannot update.

If I download a later version of xtables (>2.0) it will complain that it requires iptables>1.6 which I do not think I can get going on CentOS 6.X.

Is there a way that I can convert GeoLite2 CSV files to GeoLite Legacy CSV files and then compile those into BE/LE?

Are there any other ways I can use GeoLite2 on a CentOS 6.X system?

Jobst

2 Answers

1

This project: https://github.com/mschmitt/GeoLite2xtables has scripts and, in the README, shell commands (workflow) to download GeoLite2 CSV files from MaxMind, convert them to GeoLite Legacy format CSV and call xt_geoip_build to compile to BE/LE.

It works for me on Debian 9, but would probably work on CentOS too.

  • WOW. Thank you very much. Haven't run it yet, just looked at the source, nothing in it that would stop it working on a CentOS 6.X box! – Jobst Jan 25 '19 at 04:02
  • It's been running for a few weeks now on my CentOS system without any problems. – Jobst Mar 12 '19 at 01:45
0

I don't know of any existing script available to convert GeoLite2 to GeoLite.

However, you can export the Australia IP address list in iptables format from the free web service https://www.ip2location.com/free/visitor-blocker

You can import the list into iptables to allow traffic from Australia.

Michael C.
  • Thanks, it would indeed be possible to convert the list to match the original CSV geolist as provided by MaxMind. I found a better way of doing this using http://www.ipdeny.com/ as list provider and the suggestion made in here using IPSET: https://mattwilcox.net/web-development/unexpected-ddos-blocking-china-with-ipset-and-iptables. While the population of the list takes a while, the lookup is extremely fast and in no way longer than the original GeoLite. – Jobst Jan 16 '19 at 03:39