Hi all,
I'm seeing some conflicting information when it comes to configuring GeoIP.
- Which database should I get? The official docs mention GeoLite2-Country-CSV, but several forum posts mention GeoLite2-City instead.
- Which suffix should I select? The offical docs mention zip, but several forum posts mention tar.gz instead.
I'm asking this because it seems like my GeoIP hasn't updated in a couple of months now...
Hi. My settings that are working and updating fine have GeoLite2-Country-CSV as part of the URL.
https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country-CSV&license_key={my-own-key}&suffix=zip.
I am on OPN 24.1
At a guess, you could use City instead too if you needed that granularity.
Also check https://dev.maxmind.com/geoip/geolite2-free-geolocation-data
OK, then I'll stick to zip and Country for now.
Is there a way I can force an update? Preferably from the CLI so I can hopefully see why it doesn't auto-update...
You can check that you have done it correctly by just pasting the link into a browser, it should download the zip file.
You cannot use the City database in OpnSense, because the internal script only generates an IP->Country/Regions mapping.
This is explained here (https://docs.opnsense.org/manual/aliases.html) and also, when you set up a geoip alias that makes use of this data, you will see that you can only select from countries and regions, not individual cities.
your link is blank... :D
Quote from: cookiemonster on February 12, 2024, 03:08:14 PM
You can check that you have done it correctly by just pasting the link into a browser, it should download the zip file.
The fact that my link gives me a zip file doesn't nececarily mean the zip file contains something OPNsense can work with 8)
(Pasting the link gives me a 3.1MB ZIP, so that seems to be ok)
Which command does OPNsense use internally to fetch a new version of the GeoIP file? And where does it log when it runs that command?
/usr/local/opnsense/scripts/filter/download_geoip.py
Quote from: Evert on February 13, 2024, 09:17:06 AM
Quote from: cookiemonster on February 12, 2024, 03:08:14 PM
You can check that you have done it correctly by just pasting the link into a browser, it should download the zip file.
The fact that my link gives me a zip file doesn't nececarily mean the zip file contains something OPNsense can work with 8)
(Pasting the link gives me a 3.1MB ZIP, so that seems to be ok)
True. That was to check your licence is valid and the url resolves correctly. It "should" work from OPN then if following the documentation. I agree being able to test it from OPN is the next best thing.