[olug] list of United States IP blocks

Christopher Cashell topher-olug at zyp.org
Sat Jan 13 15:48:18 CST 2018

On Fri, Jan 12, 2018 at 6:22 PM, Lou Duchez <lou at paprikash.com> wrote:

> How would one get a list of United States IP blocks from GeoIP?
> I want to load US IPs into iptables and thus keep much of the riffraff out.

I don't know that there's a great way to do it that won't get you in
trouble.  Most GeoIP databases are "databases" or otherwise large sets that
may be challenging for iptables.  I suppose you could make use of the ipset
features in recent iptables, but GeoIP databases tend to get updated
semi-regularly, and you'll want to track those updates or risk challenges.
I think I remember hearing about an iptables module that could query
externally for a GeoIP DB, but I've never actually looked into it.

Are you looking to "lock down" specific services?  Is this for ssh?  Web?
Other?  The reason I ask, is that there may be other options that can help
reduce your attack surface is simpler, lower maintenance, and less
cumbersome ways.


More information about the OLUG mailing list