iptables geoip match on debian lenny | Debian-News.net - Your one stop for news about Debian

Debian-news is about one simple thing - news about Debian GNU/Linux and the top free distributions based on Debian GNU/Linux.

iptables geoip match on debian lenny

The geoip iptables extension allows you to filter, nat or mangle packets based on the country’s source or destination. This does exactly what the geoip apache module does, or the regular geoip binary, but at the iptables level. More here

I would not go into the details why you would want to use that, but there are many ‘positive’ ways it can be useful… For example myself I use it in a project where we want to serve customized content for different countries. Since this is a high traffic site running on many web servers behind a loadbalanced setup, we prefer to split this at the loadbalancer level and not at apache level, to simplify our setup. We serve customized content to the US based visitors, while for the other countries we serve another international site.

One Response to “iptables geoip match on debian lenny” »

Comment by gaous — March 20, 2009 @ 4:18 pm
wew… geoip , i think it nice . maybe for high traffic with client from differrent country it very usefull. but still “standar iptables” would be the most favorite filter

RSS feed for comments on this post. TrackBack URI

Leave a comment

Debian-News is not related to the Debian Project.
All logos and trademarks on this site are property of their respective owners.