Friday, April 26, 2019

How to build GEO country block lists

Firewalls, SLBs and other security devices typically have a GEO database that allows a quick allow|block against a country. Most other systems do not, but you can build simple scripts to feed GeoIP information to firewall services.

In this example, we will use iptables and firewalld.


If you're using a system that does not have an integrated GeoIP database, you can call out to ipdeny and, using the two-letter ISO country code, build lists with ease.

http://www.ipdeny.com/


Using the following URL format, we can quickly pull the data for a country and feed it into our script or tool for a simple drop or accept. Here we are using iptables and the ISO country codes gq and io.


http://ipdeny.com/ipblocks/data/aggregated/io-aggregated.zone
http://ipdeny.com/ipblocks/data/aggregated/GQ-aggregated.zone
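The following is an added example, not the original post's script: it validates a downloaded zone file and turns it into `ipset restore` input that iptables can match on. The set name `geo-<cc>`, the local file name `io.zone` and the rule of rejecting the whole feed on any malformed line are assumptions of this example.

```shell
#!/bin/sh
# Added example: convert an ipdeny aggregated zone file into `ipset restore` input.
# The set name "geo-<cc>" and the validation policy are assumptions of this example.

# True only for a well-formed IPv4 CIDR with prefix 1..32. A /0 is refused so a
# bad feed can never produce a rule that matches every source address.
valid_cidr() {
  printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}$' || return 1
  old_ifs=$IFS; IFS=./; set -- $1; IFS=$old_ifs
  for o in "$1" "$2" "$3" "$4"; do [ "$o" -le 255 ] || return 1; done
  [ "$5" -ge 1 ] && [ "$5" -le 32 ]
}

# usage: zone_to_ipset <iso-cc> <zone-file>
# Validates every line first; nothing is printed unless the whole file is clean.
zone_to_ipset() {
  cc=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
  case $cc in [a-z][a-z]) ;; *) echo "bad country code: $1" >&2; return 2 ;; esac
  n=0
  while IFS= read -r line || [ -n "$line" ]; do
    line=$(printf '%s' "$line" | tr -d '\r')      # tolerate CRLF downloads
    [ -z "$line" ] && continue
    valid_cidr "$line" || { echo "feed rejected, bad line: $line" >&2; return 1; }
    n=$((n + 1))
  done < "$2"
  [ "$n" -gt 0 ] || { echo "feed rejected, no networks found" >&2; return 1; }
  name="geo-$cc"
  # Fill a scratch set, then swap it in so the live set is never half-loaded.
  printf 'create %s hash:net family inet\n' "$name" "$name-new"
  printf 'flush %s-new\n' "$name"
  tr -d '\r' < "$2" | grep -v '^$' | sed "s|^|add $name-new |"
  printf 'swap %s-new %s\ndestroy %s-new\n' "$name" "$name" "$name"
}

# Usage on the firewall host (needs root, curl and ipset):
#   curl -fsS http://ipdeny.com/ipblocks/data/aggregated/io-aggregated.zone -o io.zone
#   zone_to_ipset io io.zone | ipset -exist restore
#   iptables -I INPUT -m set --match-set geo-io src -j DROP   # add this rule once
# Constructed sample for a dry run (documentation ranges, not real ipdeny data):
#   printf '192.0.2.0/24\n198.51.100.0/24\n' > sample.zone && zone_to_ipset io sample.zone
```

Because the zone file is fetched over plain HTTP, the validation step is what keeps an error page or a tampered response from being loaded into the firewall.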




And an example with firewalld









NSE ( network security expert) and Route/Switching Engineer
kfelix  -----a----t---- socpuppets ---dot---com
     ^      ^
=(  @  @ )=
         o
        /  \

