Thursday, August 11, 2022

Kamailio GeoIP Block

 

loadmodule "geoip2.so"
modparam("geoip2", "path", "/usr/share/GeoIP/GeoLite2-City.mmdb");


route[GEOIP_FILTER] {
 # allow request from internal network or from whitelist
    if (isflagset(FLAG_TRUSTED_SOURCE)) {
        return;
    }


if(geoip2_match("$si", "src")){
                xlog("Packet received from IP $si");
                xlog("Country is: $gip2(src=>cc)\n");
                xlog("City is: $gip2(src=>city)\n");
        if (allow_source_address("250")) {
        xlog("Address $si  Authorized");
        return ;
};
if (allow_source_address("200")) {
        xlog("Address $si  Authorized");
        return ;
};


if ($gip2(src=>cc) != "DO" ) {

        xlog("Address $si  Unauthorized");
        drop;
#       exit;
};

}
}

Posted by at

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)