hello I am looking for a developer to create a map of the world in luci, a map that we could install in statistic or netdata, and see the ips that we block by example in traffic rules do you think this is possible, example I block 10 ip addresses and I see which ones are blocked in the map of luci statitics in real time,
GeoIP can be inaccurate, and you would be unable to do it locally on many of the OpenWrt devices supported due to storage constraints. (Maxmind would either not fit or take up the vast majority of the small storage.)
I note that crowdsec adds geoip lookup results to their event metadata, but they do it locally (with the same storage space concerns, theirs is >60mb I believe, in addition to the base package being >15).
Another option would be some of the free apis, assuming you can stay within their request limits.
Something to consider before throwing money at it. (Assuming you even find anyone willing to write it)
This! GeoIP will be inaccurate. The question is what is the consequence of false localization... in the intended use-case "eye-candy" not being 100% correct is probably acceptable, but this also means that use-case might not be worth dozens of MB?
Microsoft ran into issues when they re-allocated an IP range that had previously been assigned to Brazil to their Azure infrastructure. Suddenly, servers were being reported as being to/from Brazil, and you can imagine the hell-scape that followed.
config rule
option name 'block all ip'
option target 'REJECT'
option src 'lan'
list src_ip '192.168.2.160'
option dest 'wan'
list proto 'all'
list dest_ip '24.105.0.0/18'
list dest_ip '108.61.97.0/24'
yes for the moment I block these ips this way and it works very well, it's magnificent,
an automation would be of ip would be a plus when I capture with wireshark when connecting to a game there is marked online connection service and I see that about 20 servers are pinging each other,
I have my method to group them and then classify them and it works but it's a long job,
Like you see the server is grey so his not accessible
Just so you know that if you come round for coffee I have an OpenWrt router with multiple access points set up to use 802.11r fast transition, your data is encrypted via WireGuard VPN, DNS lookups are encrypted too, of course, and latency is managed through smart queue management. It's just wonderful!
Girl:
Oh, I love a man that has his networking affairs in such good order.