Greetings,
I would like to use the GeoIP feature of CRS to block by country-IP, however the crs-setup.conf file does not specify what file format the DB should be:
# Uncomment this rule to use this feature:
#
#SecGeoLookupDB util/geo-location/GeoIP.dat
util/upgrade.py --geoip -- no longer exists of course.
Maxmind allows you to download the following formats: CSV and mmdb
Furthermore, the GeoLite2 download from Maxmind also provides several files:
GeoLite2-Country-Locations-en.csv GeoLite2-Country-Locations-pt-BR.csv
GeoLite2-Country-Blocks-IPv4.csv GeoLite2-Country-Locations-es.csv GeoLite2-Country-Locations-ru.csv
GeoLite2-Country-Blocks-IPv6.csv GeoLite2-Country-Locations-fr.csv GeoLite2-Country-Locations-zh-CN.csv
GeoLite2-Country-Locations-de.csv GeoLite2-Country-Locations-ja.csv
So - I'd appreciate some pointers on the best approach here:
1. what file format to use from maxmind.
2. which file above to use with SecGeoLookupDB.
... so that the following will work as expected:
SecAction \
"id:900600,\
phase:1,\
nolog,\
pass,\
t:none,\
setvar:'tx.high_risk_country_codes=UA ID YU LT EG RO BG TR RU PK MY CN'"
Thanks for any suggestions.
Regards
Henry