Dump location database

hellfire · 5 September 2024 19:04

Hi!

Can I export the location database to a format like ipv4 | country?

According to the man page, I can choose between different formats but none of them gives me a format that I can use for a simply lookup ip-address → country.

Any other option available?

bonnietwin · 5 September 2024 19:32

There are python bindings which you could use in a python program that will give you the country for a provided IP.

https://www.ipfire.org/location/how-to-use/python

hellfire · 5 September 2024 19:52

Challenge is, I would use above format to use a mapping lookup in HAProxy to block requests from certain countries.

As a workaround for my LE challenge issue while location blocks in place

peppetech · 5 September 2024 23:55

I am a little slow today, so correct me if I am wrong.
Are you trying to renew LE certs and IPFire is blocking the requests?

Did you check Suricata log if anything is triggering IPS? Could be something like an ET INFO for a cert for a suspicious TLD etc…

Is the DNS API for your hosting company not working ?

I read someone having similar issues with LE
He switched to ZeroSSL. and using one of the ACME sh scripts everything worked fine.

something like this

I did notice there are more Suricata rules that block ZeroSSL, then Letsencrypt.

I read your other HAProxy post

When you got a minute could you elaborate on your HAProxy setup.?
Sounds like an ultimate setup for intrusion prevention.

ms · 6 September 2024 16:31

This would be too large to load into memory expanded. You won’t be able to search it quick either. But for HAProxy I can recommend the Lua bindings. We currently don’t ship them with IPFire, but that could be changed:

https://www.ipfire.org/blog/ipfire-location-lua-bindings-for-fun-and-profit

hellfire · 25 September 2024 07:44

@ms Any chance to release the database and the LUA bindings now or in the next core release?
Right now I’m writing a LUA script for HAProxy that should use the location database to check the client’s country and possbile block request not originated from the Let’s Encrypt challenge requests.

Maybe the database is already available somewhere, I did not currently find, guess it was just an example in the announcement:

/usr/share/location/database.db

I’ve checked the unit-tests at git.ipfire.org Git - location/libloc.git/blob - tests/lua/main.lua which although uses a test database which is not of any use in a productive environment either.

Thanks for your help!
Michael

Edit: Database found at /var/lib/location/database.db
Edit: Found this comment in a commit to git.
Are the LUA bindings available already for download?

Changes

Removed Lua bindings from repo and dist files, now available separately

bonnietwin · 25 September 2024 08:50

That change comment is for the lua bindings for libnet not for libloc, the library for the location database.

hellfire · 25 September 2024 09:01

Ah, yes, of course you’re correct! Misread this

hellfire · 26 September 2024 09:27

Added feature request to Bugzilla