Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
xtables-addons / GeoIP
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
mole
n00b
n00b


Joined: 07 Nov 2009
Posts: 58

PostPosted: Wed Apr 17, 2019 11:32 am    Post subject: xtables-addons / GeoIP Reply with quote

The geoip module from xtables-addons was working perfectly, then at some point it's broken, probably an update. The xt_geoip module loaded, but it didn't work (no country matched so people couldn't connect)

I was using kernel 4.14.87 and xtables-addons 2.14, which should be OK up to kernel 4.15.

Upgraded the kernel to 5.04 and hit various compile issues, so now am on kernel 4.20.7 with xtables-addons 3.3

I've downloaded the database files, but I'm getting the error message

Code:

Could not open /usr/share/xt_geoip/AT.iv4: No such file or directory


There are different AT.iv4 files in /usr/share/xt_geoip/BE and /usr/share/xt_geoip/LE - but iptables doesn't seem to be looking there.

If I copy AT.iv4 from LE/AT.iv4 the error message changes to the next country I've listed:
Code:
Could not open /usr/share/xt_geoip/BE.iv4: No such file or directory"

So I'm guessing that iptables isn't looking in the BE or LE directories and finding an incompatible AT.iv4 file, it's just looking in the wrong place. The permissions on /usr/share/xt_geoip/BE and LE are the same as /usr/share/xt_geoip: drwxr-xr-x 8 root root.

Any ideas? I could just copy all the *.iv4 files from BE or LE, but no idea which ones to use, I can't find any reason why there are two sets or what each set does....
Back to top
View user's profile Send private message
Syl20
Guru
Guru


Joined: 04 Aug 2005
Posts: 568
Location: France

PostPosted: Sat Apr 20, 2019 10:08 am    Post subject: Reply with quote

Yes, the BE and LE directories are now useless. The files must be directly placed into /usr/share/xt_geoip.

The files to download changed, too, and xt_geoip_build also was updated. I had to change some parameters. This works for me (with net-firewall/xtables-addons-3.2) :
Code:
/lib/xtables-addons/xt_geoip_dl && /lib/xtables-addons/xt_geoip_build -D "/usr/share/xt_geoip" -S $(find . -type d -name "Geo*")


Related upstream commit :
https://sourceforge.net/p/xtables-addons/xtables-addons/ci/256ac1a4f6fe8db66031948c80fb066de5695a6e/
Back to top
View user's profile Send private message
mole
n00b
n00b


Joined: 07 Nov 2009
Posts: 58

PostPosted: Mon Apr 22, 2019 9:49 pm    Post subject: Reply with quote

Syl20 wrote:
Yes, the BE and LE directories are now useless. The files must be directly placed into /usr/share/xt_geoip.

The files to download changed, too, and xt_geoip_build also was updated. I had to change some parameters. This works for me (with net-firewall/xtables-addons-3.2) :
Code:
/lib/xtables-addons/xt_geoip_dl && /lib/xtables-addons/xt_geoip_build -D "/usr/share/xt_geoip" -S $(find . -type d -name "Geo*")


Related upstream commit :
https://sourceforge.net/p/xtables-addons/xtables-addons/ci/256ac1a4f6fe8db66031948c80fb066de5695a6e/


Thankyou! That's fixed it :D :D (Using xtables-addons-3.3)
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum