debian wheezy geoip xtables iptables setup

1. 0. OS is Debian GNU/Linux 7.8 (wheezy) amd64
2. 0.5. login as root
3.  
4. 1. install packages:
5. # apt-get update
6. # apt-get install xtables-addons-dkms
7. # apt-get install libtext-csv-xs-perl
8.  
9. 2. create geoip bases dir
10. # mkdir -p /usr/share/xt_geoip
11.  
12. 3. create update script
13. # mkdir -p ~/scripts
14. # nano -w ~/scripts/geoip-download.sh
15.  
16. 3.1. scrpt file contents
17. #!/bin/bash
18. cd /usr/share/xt_geoip
19. /usr/lib/xtables-addons/xt_geoip_dl
20. cat GeoIPCountryWhois.csv GeoIPv6.csv | /usr/lib/xtables-addons/xt_geoip_build
21.  
22. 3.2. make script file executable
23. # chmod +x ~/scripts/geoip-download.sh
24.  
25. 4. run this script once to debug:
26. # ~/scripts/geoip-download.sh
27.  
28. 5. check if rules are working
29. # iptables -A INPUT -m geoip --src-cc RU -j ACCEPT
30. # iptables -D INPUT -m geoip --src-cc RU -j ACCEPT
31.  
32. if these iptables calls pass without errors, that is ok
33.  
34. 6. setup the geoip bases weekly update
35. # cp ~/scripts/geoip-download.sh /etc/cron.weekly
36.  
37. 7. profit :-)
38.  
39. ref: https://chebnix.ru/blog/sysadmins/173.html