Threat shield and GeoIP

I would like to announce a new feature released to nethserver-blacklist (Treat shield), the GeoIP blocking. For now this feature is only available with the CLI, we have a documentation. Geo-blocking is disabled by default.

This feature allow to block countries by ipset of subnet that you download to ipdeny.com each night.

Thank to @filippo_carletti for geoIP blocking.

8 Likes

Yippee, that are great news. Thanks a lot for the integration.

Currently jused a cron job to download an ipdeny.com zone and manually(!) put it to the right place (well at least to the place where I was able to activate the list within the gui if needed :thinking: )
That will make adjustments way easier!

:+1:

1 Like

Well, I think I’ve tampered a bit too much within my system going the way of manually adding some geoip blockings :sweat_smile:

After I’ve updated nethserver-blacklist to v 1.2.0-1.ns7 (prior v 1.1.8-1.ns7) and enabled geoip feature according to the documentation it bailed out at

signal-event nethserver-blacklist-save geoips

In the journal, the following was logged:

Mar 17 18:59:13 redacted.my.fqdn esmith::event[15281]: /usr/share/nethserver-blacklist/download: line 38: /usr/share/nethserver-blacklist/geoip: No such file or directory
Mar 17 18:59:13 redacted.my.fqdn esmith::event[15281]: Action: /etc/e-smith/events/nethserver-blacklist-save/S20nethserver-blacklist-conf FAILED: 127 [0.23322]

However, looking at /usr/share/nethserver-blacklist/geoip the file existed with sane content (counter-checked on a virgin nethserver)

As soon as I disabled geoip blocking in e-smith the save-event ran gratiously.

Long story short: A complete removal and reinstall afterwards of ThreadShield corrected everything and now its up and running… well country-blocking :slight_smile:

1 Like