On Mon, Aug 17, 2020 at 11:35:12PM -0400, skwok wrote: Hi there,
> I'd like to use the geoip module (v1) to block Crimea from access. The > syntax that I'm using is: > geoip_country /usr/share/GeoIP/GeoIP.dat; When all you have is country-level granularity, you can't block just part of a country. So if you want to block the nginx offices in Cork, you would have to block the entire country of IE. And, as your later note describes, for the purposes of that version of that database, the IP addresses associated with the geographic region of Crimea are included in the country code UA. > https://dev.maxmind.com/release-note/crimea-accuracy-update-2019/ . Can > someone please tell me how I can make use of that? One option is to use the geoip_city database file, which gives sub-country granularity -- that note suggests that the particular case of "Crimea" is approximately covered by (interpreting their region_codes.csv file) UA,11,"Krym" and UA,20,"Sevastopol'". Another option is to write your own database file, and group the IP addresses that you want to block into your own country designation, and then block that. Whether that is easy or possible is probably not an nginx-specific question. Good luck with it, f -- Francis Daly fran...@daoine.org _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
