nftables geoip - continents ip. In the previous articles, we showed how to perform packet marking in nftables based on GeoIP source IP addresses and also how to log traffic to external files. Today we will show how to mark packets based on which continent they come from. The principle is that we first mark packets based on the source IP address so that we know which country they are coming from, and then we determine which continent that country is on. Linux Security Networking
nftables and GeoIP. How to Block IPs from Countries or Continents using NfTables GeoIP script. We'll learn how to block traffic originating from specific country or continent IPs using the GeoIP database and Linux nftables. This article describes the configuration for Debian Linux distros. nftables is the new packet classification framework that intends to replace the existing {ip,ip6,arp,eb}_tables infrastructure. In a nutshell: it is available in Linux kernels >= 3.13, and it comes with a new command line utility, nft, whose syntax is different from that of iptables. Linux Security Networking
How nftables log to external file. Logging traffic blocked by nftables or iptables firewall rules is necessary for debugging the firewall rules and for being alerted to local software problems. Any packet matching a rule can be logged by using the -j LOG target for iptables or the log statement for nftables. Logging a packet has no effect on the packet's disposition, however: the packet must still match an accept or drop rule. Linux Security Networking