PF and GeoIP to update country table?

[Abdullah Ibn Hamad Al-Marri]

On 5/9/07, Volker <volker at vwsoft.com> wrote:
> On 12/23/-58 20:59, Abdullah Ibn Hamad Al-Marri wrote:
> > Another question, how about the update per month? do I need to kill pf
> > and run it again? or a crontab would do the trick and update the IPs?
>
> Abdullah,
>
> unfortunately I'm unable to imagine if it's nice or really, really bad
> idea to block certain countries. It sounds like a chinese wall. If the
> machine in question is a web server, it might be a hardly bad idea and
> would lead into another dimension of separating the world.
>
> Anyway, if you want to replace the in-memory table with a fresh one
> from disk, pfctl is your friend. Have a look at pfctl(8), especially
> the parameters '-t' and '-T'. Doing a `pfctl -t mychinesewall -T
> replace -f /tmp/dolistalltheworld.txt' would be enough.
>
> HTH
>
> Volker
>

Hello Volker,

It's forum server with Arabic only contents, so only users in these
Arabic countries would be able to connect to it.

There are Arabs and ppl speak and read Arabic in the other countries
but I have to lose them since the forum is getting 24/7 days hits by
Arabic script kiddies who think they are elite and will flood it with
fake http requests which kills the MySQL server right away.

The problem is they have tons of bots run in m$ systems, and I have
only 2 choices.
Shut down the forum, or block other countries IPs, if you were in my
place what would you do?
*sigh*

-- 
Regards,

-Abdullah Ibn Hamad Al-Marri
Arab Portal
http://www.WeArab.Net/