GeoIP: Country or City? zip or tar.gz?

Started by Evert, February 12, 2024, 10:29:19 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
February 12, 2024, 10:29:19 AM
Hi all,

I'm seeing some conflicting information when it comes to configuring GeoIP.


  • Which database should I get? The official docs mention GeoLite2-Country-CSV, but several forum posts mention GeoLite2-City instead.
  • Which suffix should I select? The offical docs mention zip, but several forum posts mention tar.gz instead.

I'm asking this because it seems like my GeoIP hasn't updated in a couple of months now...
--
Regards,
   Evert
February 12, 2024, 10:52:00 AM #1
Hi. My settings that are working and updating fine have GeoLite2-Country-CSV as part of the URL.
https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country-CSV&license_key={my-own-key}&suffix=zip.
I am on OPN 24.1
At a guess, you could use City instead too if you needed that granularity.
Also check https://dev.maxmind.com/geoip/geolite2-free-geolocation-data
February 12, 2024, 02:51:54 PM #2
OK, then I'll stick to zip and Country for now.

Is there a way I can force an update? Preferably from the CLI so I can hopefully see why it doesn't auto-update...
--
Regards,
   Evert
February 12, 2024, 03:08:14 PM #3
You can check that you have done it correctly by just pasting the link into a browser, it should download the zip file.
February 12, 2024, 03:16:28 PM #4 Last Edit: February 12, 2024, 03:46:14 PM by meyergru
You cannot use the City database in OpnSense, because the internal script only generates an IP->Country/Regions mapping.

This is explained here and also, when you set up a geoip alias that makes use of this data, you will see that you can only select from countries and regions, not individual cities.
Intel N100, 4* I226-V, 2* 82559, 16 GByte, 500 GByte NVME, ZTE F6005

1100 down / 800 up, Bufferbloat A+
February 12, 2024, 03:21:36 PM #5
your link is blank... :D
February 13, 2024, 09:17:06 AM #6
Quote from: cookiemonster on February 12, 2024, 03:08:14 PM
You can check that you have done it correctly by just pasting the link into a browser, it should download the zip file.

The fact that my link gives me a zip file doesn't nececarily mean the zip file contains something OPNsense can work with  8)
(Pasting the link gives me a 3.1MB ZIP, so that seems to be ok)
--
Regards,
   Evert
February 13, 2024, 09:18:05 AM #7
Which command does OPNsense use internally to fetch a new version of the GeoIP file? And where does it log when it runs that command?
--
Regards,
   Evert
February 13, 2024, 09:23:53 AM #8
/usr/local/opnsense/scripts/filter/download_geoip.py
Intel N100, 4* I226-V, 2* 82559, 16 GByte, 500 GByte NVME, ZTE F6005

1100 down / 800 up, Bufferbloat A+
February 13, 2024, 10:17:08 AM #9
Quote from: Evert on February 13, 2024, 09:17:06 AM
Quote from: cookiemonster on February 12, 2024, 03:08:14 PM
You can check that you have done it correctly by just pasting the link into a browser, it should download the zip file.

The fact that my link gives me a zip file doesn't nececarily mean the zip file contains something OPNsense can work with  8)
(Pasting the link gives me a 3.1MB ZIP, so that seems to be ok)
True. That was to check your licence is valid and the url resolves correctly. It "should" work from OPN then if following the documentation. I agree being able to test it from OPN is the next best thing.
Print
Go Up Pages1
User actions