Bash script to create nftables sets of country specific IP address ranges for use with firewall rulesets. The project provides a simple and flexible way to implement geolocation filtering with nftables. It can be a useful tool to reduce the chance of malware, ransomware and phishing attempts as well as mitigating the effects of DDoS attacks.
Geolocation for nftables is a Bash script to create nftables sets of country specific IP address ranges for use with firewall rulesets. The project provides a simple and flexible way to implement geolocation filtering with nftables. It can be a useful tool to reduce the chance of malware, ransomware and phishing attempts as well as mitigating the effects of DDoS attacks.
If you find Geolocation for nftables useful, please consider giving us a Star at the top of the page.
Please see the Wiki for the latest documentation.
The Installation Guide has detailed installation instructions to get you up and running.
The User Guide explains how to configure your ruleset for geolocation filtering. The Guide now contains a troubleshooting section to ease setup.
Bash 4.0 or newer.
nftables v0.9.0 or newer.
awk, curl, grep, gunzip, sed, sort, stat
Please see our Discussions Page to ask for help, share ideas, or for questions about the project.
Feature Article - LinuxSecurity.com - Geolocation for nftables Brings Simplicity & Flexibility to Geolocation Matching
Slashdot.org - Should You Block Connections to Your Network From Foreign Countries?
Geolocation for nftables is licensed under the GNU GPLv2 (or at your option, any later version).
Please see the Geolocation for nftables Copyright Notice.
Special thanks to the nftables project for creating a robust firewall framework.
IP Geolocation by DB-IP - https://db-ip.com
Raspberry Pi is a trademark of the Raspberry Pi Foundation.
Photos used to create the header image courtesy of NASA Visible Earth.
All trademarks, logos and copyrights are the property of their respective owners.
https://netfilter.org/projects/nftables/
https://wiki.nftables.org/wiki-nftables/index.php/Main_Page
http://netfilter.org/mailinglists.html#ml-user
https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2
https://db-ip.com/db/lite.php
https://db-ip.com/faq.php
https://linuxsecurity.com/
https://wiki.archlinux.org/title/Nftables
https://unstats.un.org/unsd/methodology/m49/overview