| View previous topic :: View next topic |
| Author |
Message |
mole
Tux's lil' helper
Joined: 07 Nov 2009
Posts: 84
|
 Posted: Wed Apr 17, 2019 11:32 am Post subject: xtables-addons / GeoIP |
 |
|
The geoip module from xtables-addons was working perfectly, then at some point it's broken, probably an update. The xt_geoip module loaded, but it didn't work (no country matched so people couldn't connect)
I was using kernel 4.14.87 and xtables-addons 2.14, which should be OK up to kernel 4.15.
Upgraded the kernel to 5.04 and hit various compile issues, so now am on kernel 4.20.7 with xtables-addons 3.3
I've downloaded the database files, but I'm getting the error message
| Code: |
Could not open /usr/share/xt_geoip/AT.iv4: No such file or directory
|
There are different AT.iv4 files in /usr/share/xt_geoip/BE and /usr/share/xt_geoip/LE - but iptables doesn't seem to be looking there.
If I copy AT.iv4 from LE/AT.iv4 the error message changes to the next country I've listed:
| Code: | | Could not open /usr/share/xt_geoip/BE.iv4: No such file or directory" |
So I'm guessing that iptables isn't looking in the BE or LE directories and finding an incompatible AT.iv4 file, it's just looking in the wrong place. The permissions on /usr/share/xt_geoip/BE and LE are the same as /usr/share/xt_geoip: drwxr-xr-x 8 root root.
Any ideas? I could just copy all the *.iv4 files from BE or LE, but no idea which ones to use, I can't find any reason why there are two sets or what each set does.... |
|
| Back to top |
|
 |
Syl20
l33t
Joined: 04 Aug 2005
Posts: 621
Location: France
|
| Posted: Sat Apr 20, 2019 10:08 am Post subject: |
|
|
Yes, the BE and LE directories are now useless. The files must be directly placed into /usr/share/xt_geoip.
The files to download changed, too, and xt_geoip_build also was updated. I had to change some parameters. This works for me (with net-firewall/xtables-addons-3.2) :
| Code: | | /lib/xtables-addons/xt_geoip_dl && /lib/xtables-addons/xt_geoip_build -D "/usr/share/xt_geoip" -S $(find . -type d -name "Geo*") |
Related upstream commit :
https://sourceforge.net/p/xtables-addons/xtables-addons/ci/256ac1a4f6fe8db66031948c80fb066de5695a6e/ |
|
| Back to top |
|
|
mole
Tux's lil' helper
Joined: 07 Nov 2009
Posts: 84
|
| Posted: Mon Apr 22, 2019 9:49 pm Post subject: |
|
|
| Syl20 wrote: | Yes, the BE and LE directories are now useless. The files must be directly placed into /usr/share/xt_geoip.
The files to download changed, too, and xt_geoip_build also was updated. I had to change some parameters. This works for me (with net-firewall/xtables-addons-3.2) :
| Code: | | /lib/xtables-addons/xt_geoip_dl && /lib/xtables-addons/xt_geoip_build -D "/usr/share/xt_geoip" -S $(find . -type d -name "Geo*") |
Related upstream commit :
https://sourceforge.net/p/xtables-addons/xtables-addons/ci/256ac1a4f6fe8db66031948c80fb066de5695a6e/ |
Thankyou! That's fixed it  (Using xtables-addons-3.3) |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
