friendly-bits / geoip-shell

User-friendly and flexible geoip blocker for Linux
GNU General Public License v3.0
96 stars 3 forks source link

Filter by Network #6

Open wouam31200 opened 7 months ago

wouam31200 commented 7 months ago

Hi, I was wondering if it was possible to put by network instead of the country: ARIN RIPE LACNIC APNIC AFRINIC

Thanks again for your work!

friendly-bits commented 7 months ago

Hi, technically this is already possible by simply adding country codes under jurisdiction of whatever registries you are interested in. You can look up the country codes for each registry in the included cca2.list file and just copy-paste them into the command line. If you need an automated solution, I think the best way to go is to make a simple custom script which will get the country codes for the required registries and then call the -manage or the -install script with said codes. I could implement this script for you if you need it. Currently I don't see a need to include this functionality in the distribution because I doubt that many people will need it (if you think otherwise then you are welcome to explain why).

friendly-bits commented 7 months ago

In theory, I could implement fetching and populating a complete ip list for each registry (RIPE stores that on its server). Previously, geoip-shell was fetching ip lists for individual countries from that server. Unfortunately, for some unknown reason the resulting ip lists were smaller than the ones fetched from RIPE's API, so eventually I changed the app to only use RIPE's API - which AFAIK only allows to fetch ip lists for individual countries. The 2nd source which is supported (ipdeny) only provides ip lists for individual countries as well. If you care about fetch speed then fetching from ipdeny is usually faster, at least for me, and their lists are aggregated, so they are smaller for same effective geoip blocking. Their servers don't work well at round hours but otherwise they seem faster, especially so for ip lists from North America which are typically fairly slow to fetch from RIPE.