January 2, 2020

xt_geoip_dl vs. Maxmind Accounts

Since some time I use a geofence on my servers to ban all incoming requests that do not originate from DE. The company (Maxmind) that distributes up to date mappings from IP ranges to country codes (“geoip tables”) recently changed how they distribute these files. Now, you must have an account and license key to download the geoip tables. Note: everything is still free!

The need for login credentials breaks the update mechanism for geoip tables which typically uses xt_geoip_dl. Luckily, the fix is quite simple as xt_geoip_dl is actually only a download application with a hard coded (yay!) URL. So if you know the right URL, you can alternatively download the geoip tables with wget or curl.

After creating an account with Maxmind and a license key (select a key that shall not be used with geoipupdate), open this page and scroll down to “Direct Downloads”. Here they describe how you can craft the needed link. The ready made URL should look like this: https://download.maxmind.com/app/geoip_download\?edition_id\=GeoLite2-Country-CSV\&license_key\=YOURLICENCE\&suffix\=zip.

You can now change the updater script that you run with cron like this:

#!/bin/bash
tmpdir="/tmp/geo"

rm /usr/share/xt_geoip/ -rf
mkdir /usr/share/xt_geoip/

mkdir $tmpdir
cd $tmpdir

wget https://download.maxmind.com/app/geoip_download\?edition_id\=GeoLite2-Country-CSV\&license_key\=YOURLICENCE\&suffix\=zip -O file.zip
unzip file.zip

cd GeoLite2-Country-CSV_*
/usr/lib/xtables-addons/xt_geoip_build -D /usr/share/xt_geoip *.csv

© holger 2015 - 2020 |