Hello, I know indeed that "geoiplookup" command uses older geoip Database as source (provided by ubuntu Package geoip-database)
But that was only an example. I assured by whois lookups that even with my iptables country-matching code in shorewall and iptables that should accept only connections from DE and CH SSH Connections where acceptet from ANY Country. Bye Am 15.02.2019 um 11:37 schrieb Vieri Di Paola: >> root@firewall:~# geoiplookup 122.226.181.166 >> GeoIP Country Edition: CN, China > Not sure about the iptables part because I'm not using xtables-addons > 3 yet, but I believe geoiplookup is obsolete as it looks up an > outdated database. > > You should now use mmdblookup with a command such as: > > mmdblookup --file /usr/share/GeoIP/GeoLite2-City.mmdb --ip > 122.226.181.166 country iso_code > > You'll get "CN" anyway, just like with the old geoiplookup command, > but at least its getting its data from an updated source. > > Also, is this more or less how you update the geoip database for iptables > usage? > > /lib/xtables-addons/xt_geoip_dl > /lib/xtables-addons/xt_geoip_build -D /usr/share/xt_geoip *.csv > > Vieri > > > _______________________________________________ > Shorewall-users mailing list > Shorewall-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/shorewall-users -- *Ralf Schenk* fon +49 (0) 24 05 / 40 83 70 fax +49 (0) 24 05 / 40 83 759 mail *r...@databay.de* <mailto:r...@databay.de> *Databay AG* Jens-Otto-Krag-Straße 11 D-52146 Würselen *www.databay.de* <http://www.databay.de> Sitz/Amtsgericht Aachen • HRB:8437 • USt-IdNr.: DE 210844202 Vorstand: Ralf Schenk, Dipl.-Ing. Jens Conze, Aresch Yavari, Dipl.-Kfm. Philipp Hermanns Aufsichtsratsvorsitzender: Wilhelm Dohmen ------------------------------------------------------------------------
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
