CentOS 6.X, iptables 1.47 and Geolite2: how can I make this work?


I use the Geolite legacy databases together with iptables 1.47 to filter traffic for a variety of ports and only allow .AU traffic to have access.

MaxMind changed the default DB to the latest version, which is GeoLite2 (Jan). This leaves all users in need of the old GeoLite Legacy database in the dark; they cannot update.

If I download a later version of xtables (>2.0) it will complain that it requires iptables>1.6 which I do not think I can get going on CentOS 6.X.

Is there a way that I can convert Geolite2 CSV files to Geolite Legacy CSV Files and then compile those into BE/LE?

Are there any other ways I can use Geolite2 on a CentOS 6.X system?


2
David Keegel (best answer)

This project: https://github.com/mschmitt/GeoLite2xtables has scripts and, in the README, shell commands (workflow) to download GeoLite2 CSV files from MaxMind, convert them to GeoLite legacy format CSV and call xt_geoip_build to compile to BE/LE.

It works for me on Debian 9, but would probably work on CentOS too.
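The CSV conversion step this answer refers to, as an added example (not code from the answer or from the GeoLite2xtables project): it joins the GeoLite2 country blocks and locations CSVs and emits the six-column legacy layout. The sample rows are constructed, and the fallback to `registered_country_geoname_id` is an assumption.

```python
import csv
import io
import ipaddress

# Constructed sample rows using the GeoLite2 Country CSV column layout.
SAMPLE_LOCATIONS = """geoname_id,locale_code,continent_code,continent_name,country_iso_code,country_name,is_in_european_union
2077456,en,OC,Oceania,AU,Australia,0
1814991,en,AS,Asia,CN,China,0
"""
SAMPLE_BLOCKS = """network,geoname_id,registered_country_geoname_id,represented_country_geoname_id,is_anonymous_proxy,is_satellite_provider
1.0.0.0/24,2077456,2077456,,0,0
1.0.1.0/24,1814991,1814991,,0,0
1.0.4.0/22,,2077456,,0,0
1.0.8.0/21,,,,0,0
"""

def load_countries(locations_file):
    """Map geoname_id -> (ISO code, country name), skipping continent-only rows."""
    return {row["geoname_id"]: (row["country_iso_code"], row["country_name"])
            for row in csv.DictReader(locations_file) if row["country_iso_code"]}

def convert(blocks_file, countries):
    """Yield legacy rows: start IP, end IP, start int, end int, code, name."""
    for row in csv.DictReader(blocks_file):
        # Assumption: fall back to the registered country when geoname_id is empty.
        gid = row["geoname_id"] or row["registered_country_geoname_id"]
        if gid not in countries:
            continue  # no country known for this block, so it is left out
        net = ipaddress.ip_network(row["network"], strict=True)
        first, last = net.network_address, net.broadcast_address
        code, name = countries[gid]
        yield [str(first), str(last), str(int(first)), str(int(last)), code, name]

def to_legacy_csv(blocks_text, locations_text):
    """Return the legacy-format CSV text, every field quoted."""
    countries = load_countries(io.StringIO(locations_text))
    out = io.StringIO()
    writer = csv.writer(out, quoting=csv.QUOTE_ALL, lineterminator="\n")
    writer.writerows(convert(io.StringIO(blocks_text), countries))
    return out.getvalue()

if __name__ == "__main__":
    print(to_legacy_csv(SAMPLE_BLOCKS, SAMPLE_LOCATIONS), end="")
```

Blocks with no resolvable country are dropped, so on an allow-list rule (only AU permitted) those addresses end up denied rather than allowed.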

1
Michael C.

I don't know of any existing script available to convert Geolite2 to Geolite.

However, you can export the Australia IP address list in iptables format from the free web service https://www.ip2location.com/free/visitor-blocker

You can import the list into iptables to allow traffic from Australia.