Geoblock is a lightweight Bash script and systemd service designed to block unwanted network traffic from specific countries. It utilizes the MaxMind GeoLite2 country databases, ipset, and iptables to efficiently filter and drop incoming packets based on geographic origin.
- Automated Blocklists: Downloads and updates MaxMind GeoLite2 country data automatically.
- Efficient Filtering: Uses ipset for high-performance IP matching and a custom GEOBLOCK chain in iptables.
- Systemd Integration: Runs as a systemd service, ensuring protection is active on boot.
- Weekly Refresh & Reporting: Includes a systemd timer that updates the blocklists weekly and can optionally send a report of blocked traffic statistics.
- Push Notifications: Supports sending weekly statistics reports via ntfy.sh.
- Debian Package: Easy installation and removal via a .deb package.
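The step from country data to an ipset set, as an added example that is not Geoblock's own code: it assumes the GeoLite2 Country CSV layout (a locations file and an IPv4 blocks file), uses the placeholder set name geoblock-demo, and runs on constructed sample rows. Malformed networks are rejected before they would reach ipset.

```bash
#!/usr/bin/env bash
# Added example: build `ipset restore` input from GeoLite2 Country CSV files.
# SET is a placeholder name, not necessarily the set name Geoblock creates.
SET="geoblock-demo"

# geo_ipset_restore ISO_CODES LOCATIONS_CSV BLOCKS_CSV
# Column 5 of the locations file is country_iso_code; columns 1-2 of the
# blocks file are network and geoname_id. Splitting on "," is safe here only
# because the quoted country_name field comes after the columns we read.
geo_ipset_restore() {
  awk -F, -v want="$1" -v name="$SET" '
    function valid_cidr(s,   p, o, k) {        # reject malformed rows before they reach ipset
      if (split(s, p, "/") != 2 || p[2] !~ /^[0-9]+$/ || p[2] + 0 > 32) return 0
      if (split(p[1], o, ".") != 4) return 0
      for (k = 1; k <= 4; k++) if (o[k] !~ /^[0-9]+$/ || o[k] + 0 > 255) return 0
      return 1
    }
    BEGIN {
      n = split(toupper(want), c, ",")
      for (i = 1; i <= n; i++) wanted[c[i]] = 1
      print "create " name " hash:net family inet"
    }
    FNR == 1 { next }                                  # CSV header of each file
    NR == FNR { if ($5 in wanted) id[$1] = 1; next }   # pass 1: geoname_id of wanted countries
    ($2 in id) && valid_cidr($1) { print "add " name " " $1 }
  ' "$2" "$3"
}

# Constructed sample data (documentation address ranges, made-up geoname ids).
demo() {
  tmp=$(mktemp -d) || return 1
  cat > "$tmp/loc.csv" <<'EOF'
geoname_id,locale_code,continent_code,continent_name,country_iso_code,country_name,is_in_european_union
1000001,en,AS,Asia,CN,China,0
1000002,en,EU,Europe,RU,Russia,0
1000003,en,SA,"South America",BR,Brazil,0
EOF
  cat > "$tmp/blk.csv" <<'EOF'
network,geoname_id,registered_country_geoname_id,represented_country_geoname_id,is_anonymous_proxy,is_satellite_provider
192.0.2.0/24,1000001,1000001,,0,0
198.51.100.0/24,1000002,1000002,,0,0
203.0.113.0/24,1000003,1000003,,0,0
203.0.113.999/24,1000001,1000001,,0,0
EOF
  geo_ipset_restore "cn,ru" "$tmp/loc.csv" "$tmp/blk.csv"
  rm -rf "$tmp"
}
demo   # prints one "create" line and one "add" line per accepted network
```

The printed lines are in the format that ipset restore reads; an iptables rule using -m set --match-set with the set name and the src flag can then drop matching packets with a single lookup per packet.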
Before using Geoblock, you need a free MaxMind account to download the GeoLite2 databases.
- Sign up for a free MaxMind account at: https://www.maxmind.com/en/geolite2/signup
- Generate a License Key in your MaxMind account dashboard.
The following packages are required (they will be installed automatically if you use the Debian package):
bash, wget, unzip, ipset, iptables, coreutils, curl, gawk, sed, grep
The easiest way to install Geoblock is by downloading the pre-built Debian package from the Releases page.
- Download the latest .deb package from the Releases page.
- Install the package using dpkg or apt:
sudo apt install ./geoblock_*_all.deb
If you prefer to build the package manually from source, run the included build script on a Debian/Ubuntu system:
./build-deb.sh
This will create a .deb package in the current directory.
After installation, you must configure your MaxMind credentials.
- Edit the configuration file:
sudo nano /etc/geoblock/geoblock.cfg
- Add your MaxMind Account ID and License Key:
MAXMIND_ACCOUNT_ID="YOUR_ACCOUNT_ID"
MAXMIND_LICENSE_KEY="YOUR_LICENSE_KEY"
- (Optional) Change the default countries to block (comma-separated ISO codes):
GEO_COUNTRIES="BR,RU,CN"
- (Optional) Configure ntfy.sh for weekly reports:
NTFY_URL="https://ntfy.sh/your_secret_topic"
# If your topic requires authentication:
# NTFY_TOKEN="your_access_token"
Once configured, you can start the service to apply the blocks:
sudo systemctl start geoblock@no.service
The systemd timer (geoblock.timer) is automatically enabled during installation. It will refresh the blocklists and send reports (if configured) every Sunday at 19:00.
You can also use the geoblock command-line tool directly:
- Block specific countries (overrides config):
sudo geoblock cn,ru
- Unblock specific countries:
sudo geoblock --unban br
- Show statistics (blocked countries, IP count, traffic):
sudo geoblock --stats
- Reset traffic counters:
sudo geoblock --reset
- Send current stats to ntfy (if configured):
sudo geoblock --ntfy
To completely remove Geoblock, its configuration, and downloaded data, purge the package:
sudo apt purge geoblock
This will automatically stop the services, remove the iptables rules, flush the ipset lists, and delete the configuration and MaxMind data directories.
This project is licensed under the MIT License - see the LICENSE file for details.