Abdullah Ibn Hamad Al-Marri wrote:
Hello,
I would like to use GeoIP db and update the country db rule, then make
the pf to read the db, and allow certian contries to connect to the
web server.
Is this possible?
Yes, I am using it.
Just download and uncompress the CSV GeoIP version and do something like
this (example for Czech Republic IPs):
grep Czech GeoIPCountryWhois.csv | awk 'BEGIN { FS="," } { print $1"-"$2
}' | sed 's/"//g' | tableutil -q text > /etc/pf.czech_net.table
tableutil is from ports (net/tableutil)
So all Czech IPs are in /etc/pf.czech_net.table which is loaded in to
pf.conf byt this line:
table <czech_net> persist file "/etc/pf.czech_net.table"
Then you can do what ever you whant with these IP addresses (block /
pass / redirect...)
Miroslav Llachman
_______________________________________________
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
