Self-hosted GeoIP Lookup

Ulfnic · January 19, 2021, 6:42pm

…

Self-hosted GeoIP Lookup: Part 2, “I never asked for this.” ~ Adam, DuesEx

Debrief:

Making it harder by trying to make it easier.

Digging through repos I discovered Maxmind GeoIP-GeoLite-data and GeoIP-GeoLite-data-extra packages in Fedora and CentOS but they haven’t been updated since 2018. I gave them an install and they’re GeoIP legacy (so yesterday).

Similar situation with Debian/Ubuntu’s geoip-database and geoip-database-extra.

I gave the GeoIP package a try which is on several distros but sadly it just pulls in the 2018 data above. For GeoIP2, you’ll need to follow Part 1.

Looking at downloads from part 1, what we’re working with:

GeoLite2-ASN contains ASN information
GeoLite2-City contains everything but ASN information
GeoLite2-Country is GeoLite2-City without map coordinates

For the purposes of Part 2 we won’t be using the GeoLite2-Country database as GeoLite2-City makes it redundant however it’ll still be installed as some use cases may only need identification by country which is considerably faster.

Thankfully the database reader has general availability but the NGINX module for geoip2 isn’t in repos for Fedora/CentOS/RHEL no matter how much NGINX thinks its is. That leaves 3 options…

Compiling the module in with NGINX every update.
- NGINX module: GitHub - leev/ngx_http_geoip2_module: Nginx GeoIP2 module
- Maxmind DB Reader: GitHub - maxmind/libmaxminddb: C library for the MaxMind DB file format
- About NGINX Static modules: Compiling Modules | NGINX
- About NGINX Dynamic modules: Dynamic Modules | NGINX Documentation
Not using Fedora/CentOS/RHEL (as if.)
Produce a solution that doesn’t require a special module.

Hold my beer, we’re doing 3

It’s go time:

Install the GeoLite2 databases:

# Navigate to the directory containing the downloaded databases in Part 1

# Decompress GeoLite2 databases
sudo tar xvfz GeoLite2-ASN_20210112.tar.gz
sudo tar xvfz GeoLite2-City_20210112.tar.gz
sudo tar xvfz GeoLite2-Country_20210112.tar.gz

# Move them to /usr/share/geoip2
sudo mkdir /usr/share/geoip2/
sudo mv ./GeoLite2-ASN_20210112 /usr/share/geoip2/GeoLite2-ASN
sudo mv ./GeoLite2-City_20210112 /usr/share/geoip2/GeoLite2-City
sudo mv ./GeoLite2-Country_20210112 /usr/share/geoip2/GeoLite2-Country

# See layout
ls -laR /usr/share/geoip2/

Install the Maxmind database reader:

# Fedora/CentOS/RHEL:
sudo dnf install libmaxminddb libmaxminddb-devel

# Debian/Ubuntu:
sudo apt install libmaxminddb0 libmaxminddb-dev mmdb-bin

Test the GeoLite2 databases by requesting information on 8.8.8.8, each one should output different information on Google.

mmdblookup --file /usr/share/geoip2/GeoLite2-ASN/GeoLite2-ASN.mmdb --ip 8.8.8.8
mmdblookup --file /usr/share/geoip2/GeoLite2-City/GeoLite2-City.mmdb --ip 8.8.8.8
mmdblookup --file /usr/share/geoip2/GeoLite2-Country/GeoLite2-Country.mmdb --ip 8.8.8.8

That’s all you need to begin geoip integration. Part 3 will apply this to a router providing a full solution for geoip lookup via GET request.