Ubuntu
xtables-addons package

xt_geoip search in the wrong directory?

Asked by Maik Weidemann

Hello,
I upgraded from18.04 lts to 20.04 lts. Now I have trouble with the xt_geoip addon for iptables.
If I load the iptables rules for geoip filtering I get this message:
Could not open /usr/share/xt_geoip/DE.iv4: No such file or directory
iptables-restore v1.8.4 (legacy): Could not read geoip database

The DE.iv4 file is present in a subfolder BE and LE:
/usr/share/xt_geoip/BE/DE.iv4
/usr/share/xt_geoip/LE/DE.iv4

Why xt_geoip doesn't found this file?
What do I wrong? How I can fix this?

Best regards
Maik

* My iptables rules: iptables -A INPUT -i eth0 -m geoip ! --source-country DE,NL,DK,FR,GB,EU,CA,US -m conntrack --ctstate NEW -j In_RULE_9
Linux dagobert 5.4.0-58-generic #64-Ubuntu SMP Wed Dec 9 08:16:25 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

Question information

Language:
English Edit question
Status:
Solved
For:
Ubuntu xtables-addons Edit question
Assignee:
No assignee Edit question
Solved by:
Maik Weidemann
Solved:
Last query:
Last reply:
Revision history for this message
actionparsnip (andrew-woodhead666) said : 		#1

Does a symlink help?

Revision history for this message
Manfred Hampl (m-hampl) said : 		#2

Seems the same as https://forums.gentoo.org/viewtopic-t-1095676-start-0.html
Try copying or moving the files from /usr/share/xt_geoip/BE and /usr/share/xt_geoip/LE into /usr/share/xt_geoip/

Revision history for this message
Maik Weidemann (weidemann-m) said : 		#3

Hello Manfred,

thanks for the hint to the gentoo forum. According this thread I could fix my problem.

Problems:
1) MaxMind.com change the access to the GeoIP database. => The current download script doesn't work!
2) The data format of xt_geoip have changed in the current package. => downloads of legacy Geoip database from MaxMind doesn't work
3) MaxMind.com change the dataformat for the downloadable files (GeoIP2). => current build script doesn't work!

Solutions:
1) Register you for free at MaxMind.com, or chose another geoip database (see xt_geoip project).
2) I use this build script https://sourceforge.net/p/xtables-addons/xtables-addons/ci/5e19871613e21050f44e11327adf867b002cbaf8/tree/geoip/xt_geoip_build to make the xt_geoip files from the current MaxMind CSV data format
3) see 2). Tthe actual build script from the xt_geoip, doesn't work with the current MaxMind GeoIP2 CSV download. The xt_geoip project change the default geoip database.

Now I use this update script to update the geoip information:
#/bin/sh

cd $(dirname $0) || exit 1;
LIB_DIR=/usr/lib/xtables_addons;
BASE_DIR=$(pwd);
DEST_DIR=/usr/share/xt_geoip;
DL_DIR=$BASE_DIR/dl

mkdir -p $DL_DIR >/dev/null 2>&1
cd $DL_DIR || exit 1;

# Get data
wget -q -O 'GeoIPCountryCSV.zip' 'https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country-CSV&license_key=[license_key]&suffix=zip' || exit 1

if [ -f GeoIPCountryCSV.zip ]; then
  unzip -qo GeoIPCountryCSV.zip || exit 1;
  rm -f GeoIPCountryCSV.zip
fi

Thanks!
Best regards
Maik
#echo "Building ..."
perl $BASE_DIR/xt_geoip_build -q -D $DL_DIR -S $(find . -type d -name "Geo*") || exit 1;
rm -R $DL_DIR/GeoLite2-Country-CSV_*

#echo "Copying to $DEST_DIR ..."
rm -rf $DEST_DIR/*.iv[46] && mv -f $DL_DIR/* $DEST_DIR/

#echo "Ready."