On Mon, October 30, 2006 9:05 am, Bill Church wrote: > Mark Weaver wrote: >> Gavin Carr wrote: >> > There are also a bunch of CPAN perl modules that can be used for this >> > e.g. Geo::IP, Geo::IP2Location, Geo::IPfree, etc. >> Hi Garvin, >> >> Those are pretty cool... thanks for the heads up I was unaware of them, >> but they appear to be specifically for gathering geographical data which >> web master would use and have nothing to do with geo-blocking of spam. > > The idea is, the lookup is fairly well debugged and automated through > those models, just need some glue to built iptables rules for, especially > Geo::IPfree. I would imagine you could do something like this to block all > IPs that aren't US or something to that effect: > > getcountry.pl: > #!/usr/bin/perl > use Geo::IPfree; > my $new_ip = $ARGV[0] ; > print "$new_ip\r\n" ; > my ($country,$country_name,$ip) = Geo::IPfree::LookUp($new_ip) ; > print "$country_name\r\n" ; > if ($country eq "US") { > print "US IP!\r\n" ; > } else { > print "Not US IP!\r\n" ; > } > > You can just run something like "getcountry.pl 212.5.80.0" (Kaspersky > Labs, Russia) which should tell you that it's not a US IP. You could add > this as another layer or use it for additional scoring. Obviously you > would want to check the variables and all that good security stuff, this > is a just a proof of concept. makes good sense! I will have to get busy and see about incorporating this into the existing program. sure would clean things up more and make it more managable. many thanks, -- Mark If you've found a wise man then you've found a man that was at one time an idiot and lived long enough to learn from his mistakes. _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos