1. 일반 CentOS 서버에서 아래를 실행한다. 다운로드(두 가지 도구 모두 다운로드): https://sourceforge.net/projects/xtables-addons/files/Xtables-addons/xtables-addons-2.14.tar.xz/download https://github.com/mschmitt/GeoLite2xtables yum -y install perl-NetAddr-IP perl-Net-CIDR-Lite perl-Text-CSV_XS iptables-devel kernel-devel rm -rf /usr/share/xt_geoip/* mkdir -p /usr/share/xt_geoip/{BE,LE} unzip GeoLite2xtables-master.zip tar -xJf xtables-addons-*.tar.xz # GeoIP 파일 변환 cd GeoLite2xtables-master ./00_download_geolite2 ./10_download_countryinfo cat /tmp/GeoLite2-Country-Blocks-IPv{4,6}.csv | ./20_convert_geolite2 /tmp/CountryInfo.txt > /usr/share/xt_geoip/GeoIP-legacy.csv ../xtables-addons-2.14/geoip/xt_geoip_build -D /usr/share/xt_geoip /usr/share/xt_geoip/GeoIP-legacy.csv # 압축 rm -rf /usr/share/xt_geoip/GeoIP-legacy.csv tar -cvzf xt_geoip.tar.gz /usr/share/xt_geoip # OpenWRT로 전송 route add -net 192.168.1.0 netmask 255.255.255.0 dev ens33 rm -rf ~/.ssh scp xt_geoip.tar.gz root@192.168.1.1:/tmp/ 2. OpenWRT에서 아래를 실행한다. rm -rf /usr/share/xt_geoip tar -C / -xvzf /tmp/xt_geoip.tar.gz rm -f /tmp/xt_geoip.tar.gz # 테스트 iptables -A INPUT -m geoip --src-cc US -j DROP