-
Notifications
You must be signed in to change notification settings - Fork 28
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
GeoIP Brick #484
Labels
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Filtering IP depending on a geographic zone.
One could do it by loading a heavy list of IP blocks from a GeoIP database or ripe database inside a firewall brick but that would not be optimized.
Instead, we could create a dedicated GeoIP brick which only accept or reject packets which are located in a specific geographic zone. This is mainly a specialized stateless firewall which only filter a pre-defined list of IP.
This could be done by only loading in ram all IP corresponding to a specific geolocation passed at brick initialization. Something like:
Implementation could be studied more in depth. One idea would be to only store corresponding IPs a binary tree to speed up resolution. Bloom filter usage would also be meaningful here.
The text was updated successfully, but these errors were encountered: