{"id":13846071,"url":"https://github.com/wirefalls/geo-nft","last_synced_at":"2025-07-12T04:30:55.387Z","repository":{"id":53544897,"uuid":"322427349","full_name":"wirefalls/geo-nft","owner":"wirefalls","description":"Bash script to create nftables sets of country specific IP address ranges for use with firewall rulesets. The project provides a simple and flexible way to implement geolocation filtering with nftables. It can be a useful tool to reduce the chance of malware, ransomware and phishing attempts as well as mitigating the effects of DDoS attacks.","archived":false,"fork":false,"pushed_at":"2023-11-06T02:54:19.000Z","size":1116,"stargazers_count":113,"open_issues_count":0,"forks_count":9,"subscribers_count":9,"default_branch":"main","last_synced_at":"2024-08-05T17:45:37.098Z","etag":null,"topics":["anti-malware","anti-phishing","ddos-mitigation","ddos-protection","firewall-configuration","firewall-rules","firewalls","geo-ip","geoip-database","geoip-location","ip-geolocation","linux-security","linux-server","malware-protection","netfilter","nftables","nftables-geoip","nftables-rules","phishing-protection","ransomware-prevention"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/wirefalls.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2020-12-17T22:26:25.000Z","updated_at":"2024-06-20T20:05:15.000Z","dependencies_parsed_at":"2024-02-21T10:58:41.061Z","dependency_job_id":null,"html_url":"https://github.com/wirefalls/geo-nft","commit_stats":null,"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wirefalls%2Fgeo-nft","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wirefalls%2Fgeo-nft/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wirefalls%2Fgeo-nft/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wirefalls%2Fgeo-nft/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/wirefalls","download_url":"https://codeload.github.com/wirefalls/geo-nft/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225791531,"owners_count":17524802,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["anti-malware","anti-phishing","ddos-mitigation","ddos-protection","firewall-configuration","firewall-rules","firewalls","geo-ip","geoip-database","geoip-location","ip-geolocation","linux-security","linux-server","malware-protection","netfilter","nftables","nftables-geoip","nftables-rules","phishing-protection","ransomware-prevention"],"created_at":"2024-08-04T17:04:19.346Z","updated_at":"2024-11-21T19:31:06.589Z","avatar_url":"https://github.com/wirefalls.png","language":"Shell","funding_links":[],"categories":["Shell"],"sub_categories":[],"readme":"\u003cimg height=auto width=100% src=\"./media/geo-earth.jpg\" alt=\"Geolocation for nftables\"\u003e\n\n### Introduction\n\n\u0026nbsp; \u0026nbsp;***Geolocation for nftables*** is a Bash script to create nftables sets of country specific IP address ranges for use with firewall rulesets. The project provides a simple and flexible way to implement geolocation filtering with [nftables](https://netfilter.org/projects/nftables/). It can be a useful tool to reduce the chance of malware, ransomware and phishing attempts as well as mitigating the effects of DDoS attacks.\n\n### Features\n\n* A script written for the widely used [Bash](https://en.wikipedia.org/wiki/Bash_%28Unix_shell%29) shell.\n* Easy to set up, configure and customize with source code that's heavily commented.\n* Uses the free geolocation database from db-ip.com (no EULA to accept).\n* Automatically generates country-specific nftables address range sets.\n* The script has a small memory footprint to run well on systems with limited RAM. A flexible configuration allows loading only minimum sets required if memory is tight.\n* User settings are stored in a standard configuration file rather than using command line arguments.\n* Packets can be geolocation filtered with a single nftables rule rather than two rules to mark and match packets like nftables map based solutions.\n* The script allows access to all of the valid country code address ranges in the database.\n* Automatically determines your installed version of nftables and recommends the correct \"include\" statements for your ruleset. The script also creates \"include-all\" files to allow you to include all geolocation sets with a single reference on older versions of nftables that don't support include wildcards.\n* The [User Guide](https://github.com/wirefalls/geo-nft/wiki/User-Guide) explains how to define all element definitions for geolocation sets in one file, eliminating the chance of having out-of-sync definitions in multiple files when flushing and refilling sets with new data.\n* Simplified directory structure to shorten \"include\" path names.\n* The script creates ~500 IPv4 and IPv6 set files from the geolocation database in about 11 seconds on a low power quad-core 2200ge server with SSD storage.\n* Tested on [Ubuntu Server](https://ubuntu.com/server), [Fedora Server](https://getfedora.org/en/server/), and [Raspberry Pi OS](https://www.raspberrypi.org/downloads/raspberry-pi-os/).\n\nIf you find ***Geolocation for nftables*** useful, please consider giving us a **Star** at the top of the page.\n\n\n### Getting Started\n\n#### Documentation\n\nPlease see the [Wiki](https://github.com/wirefalls/geo-nft/wiki/Home) for the latest documentation.\n\n#### Installation\nThe [Installation Guide](https://github.com/wirefalls/geo-nft/wiki/Installation-Guide) has detailed installation instructions to get you up and running.\n\n#### Usage\nThe [User Guide](https://github.com/wirefalls/geo-nft/wiki/User-Guide) explains how to configure your ruleset for geolocation filtering. The Guide now contains a [troubleshooting section](https://github.com/wirefalls/geo-nft/wiki/User-Guide#troubleshooting) to ease setup.\n\n#### Dependencies\nBash 4.0 or newer.  \nnftables v0.9.0 or newer.  \nawk, curl, grep, gunzip, sed, sort, stat  \n\n#### Discussions\nPlease see our [Discussions Page](https://github.com/wirefalls/geo-nft/discussions) to ask for help, share ideas, or for questions about the project.\n\n#### Around the Web\nFeature Article - LinuxSecurity.com - [Geolocation for nftables Brings Simplicity \u0026 Flexibility to Geolocation Matching](https://linuxsecurity.com/features/geolocation-for-nftables)\n\nSlashdot.org - [Should You Block Connections to Your Network From Foreign Countries?](https://news.slashdot.org/story/21/02/13/2231248/should-you-block-connections-to-your-network-from-foreign-countries)\n\n### License\n***Geolocation for nftables*** is licensed under the [GNU GPLv2](./LICENSE) (or at your option, any later version).\n\n### Contributing\n* You can help us by spreading the good word about the project online.\n* Please see the [Contributing Guide](https://github.com/wirefalls/geo-nft/wiki/Contributing) for more information on how you can help.\n* If you're a package maintainer, feel free to contact us if you have any questions.\n\n### Credits\n##### Maintainer\n* Wirefalls - [GitHub.com/wirefalls](https://github.com/wirefalls)\n\nPlease see the ***Geolocation for nftables*** [Copyright Notice](https://github.com/wirefalls/geo-nft/wiki/Copyright).  \nSpecial thanks to the [nftables project](https://netfilter.org/projects/nftables/) for creating a robust firewall framework.  \n[IP Geolocation by DB-IP - https://db-ip.com](https://db-ip.com)  \nRaspberry Pi is a trademark of the [Raspberry Pi Foundation](https://www.raspberrypi.org/).  \nPhotos used to create the header image courtesy of [NASA Visible Earth](https://visibleearth.nasa.gov).  \nAll trademarks, logos and copyrights are the property of their respective owners.  \n\n### Resources\n\nhttps://netfilter.org/projects/nftables/  \nhttps://wiki.nftables.org/wiki-nftables/index.php/Main_Page  \nhttp://netfilter.org/mailinglists.html#ml-user  \nhttps://en.wikipedia.org/wiki/ISO_3166-1_alpha-2  \nhttps://db-ip.com/db/lite.php  \nhttps://db-ip.com/faq.php  \nhttps://linuxsecurity.com/  \nhttps://wiki.archlinux.org/title/Nftables  \nhttps://unstats.un.org/unsd/methodology/m49/overview  \n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwirefalls%2Fgeo-nft","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwirefalls%2Fgeo-nft","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwirefalls%2Fgeo-nft/lists"}