How to block IP address by country range using ipset?


New Member
I need to block web traffic from a certain country. I can export a free IP address list using IP2Location firewall list generator. The sample output format in CIDR is as below. There are other formats but I'm not sure if it is supported by ipset or not.

What should I do next to import the list to enable blocking using ipset? I don't want to enter it manually. I prefer a simple script to load all IP addresses and blocking them.

# -------------------------------------------------------
# Free IP2Location Firewall List by Country
# Source:
# Last Generated: 21 Nov 2018 11:20:13 GMT
# [Important] Please update this list every month
# -------------------------------------------------------


Look at fail2ban for their ipset script. With that and a bit of modification you should be able to import the list.

Members online