]>
Commit | Line | Data |
---|---|---|
1d237439 | 1 | = location(8) |
161ac92d MT |
2 | |
3 | == NAME | |
1d237439 | 4 | location - Query the location database |
161ac92d MT |
5 | |
6 | == SYNOPSIS | |
7 | [verse] | |
7fc9b99b | 8 | `location export --directory=DIR [--format=FORMAT] [--family=ipv6|ipv4] [ASN|CC ...]` |
1d237439 | 9 | `location get-as ASN [ASN...]` |
2f42147f | 10 | `location list-countries [--show-name] [--show-continent]` |
1d237439 MT |
11 | `location list-networks-by-as ASN` |
12 | `location list-networks-by-cc COUNTRY_CODE` | |
13 | `location list-networks-by-flags [--anonymous-proxy|--satellite-provider|--anycast]` | |
2f42147f MT |
14 | `location lookup ADDRESS [ADDRESS...]` |
15 | `location search-as STRING` | |
97769987 | 16 | `location update [--cron=daily|weekly|monthly]` |
2f42147f | 17 | `location verify` |
161ac92d MT |
18 | |
19 | == DESCRIPTION | |
1d237439 | 20 | `location` retrieves information from the location database. |
161ac92d MT |
21 | This data can be used to determine someone's location on the Internet |
22 | and for building firewall rulesets to block access from certain ASes | |
23 | or countries. | |
24 | ||
25 | == OPTIONS | |
26 | ||
27 | --database FILE:: | |
28 | -d FILE:: | |
29 | The path of the database which is being opened. | |
30 | + | |
31 | If this option is omitted, the system's database will be opened. | |
32 | ||
e16d1683 MT |
33 | --quiet:: |
34 | Enable quiet mode | |
35 | ||
161ac92d MT |
36 | --debug:: |
37 | Enable debugging mode | |
38 | ||
39 | == COMMANDS | |
40 | ||
7fc9b99b MT |
41 | 'export --directory=DIR [--format=FORMAT] [--family=ipv6|ipv4] [ASN|CC ...]':: |
42 | This command exports the whole database into the given directory. | |
43 | + | |
44 | The output can be filtered by only exporting a certain address family, or by passing | |
45 | a list of country codes and/or ASNs. The default is to export all known countries. | |
46 | + | |
47 | The output format can be chosen with the '--format' parameter. For possible formats, | |
48 | please see below. | |
49 | ||
161ac92d MT |
50 | 'get-as ASN [ASN...]':: |
51 | This command returns the name of the owning organisation of the Autonomous | |
52 | System. | |
53 | ||
2f42147f MT |
54 | 'list-countries [--show-name] [--show-continent]':: |
55 | Lists all countries known to the database. | |
889b932a | 56 | + |
2f42147f MT |
57 | With the optional parameters '--show-name' and '--show-continent', the name and |
58 | continent code will be printed, too. | |
889b932a | 59 | |
96d6f071 | 60 | 'list-networks-by-as [--family=[ipv6|ipv4]] [--format=FORMAT] ASN':: |
161ac92d | 61 | Lists all networks which belong to this Autonomous System. |
4439e317 | 62 | + |
44e5ef71 MT |
63 | The '--family' parameter can be used to filter output to only IPv6 or |
64 | IPv4 addresses. | |
65 | + | |
96d6f071 MT |
66 | The '--format' parameter can change the output so that it can be |
67 | directly loaded into other software. For details see below. | |
161ac92d | 68 | |
96d6f071 | 69 | 'list-networks-by-cc [--family=[ipv6|ipv4]] [--format=FORMAT] COUNTRY_CODE':: |
161ac92d MT |
70 | Lists all networks that belong to a country. |
71 | + | |
72 | The country has to be encoded in ISO3166 Alpha-2 notation. | |
4439e317 | 73 | + |
96d6f071 | 74 | See above for usage of the '--family' and '--format' parameters. |
161ac92d | 75 | |
96d6f071 | 76 | 'list-networks-by-flags [--family=[ipv6|ipv4]] [--format=FORMAT] [--anonymous-proxy|--satellite-provider|--anycast]':: |
bbdb2e0a MT |
77 | Lists all networks that have a certain flag. |
78 | + | |
96d6f071 | 79 | See above for usage of the '--family' and '--format' parameters. |
bbdb2e0a | 80 | |
2f42147f MT |
81 | 'lookup ADDRESS [ADDRESS...]':: |
82 | This command returns the network the given IP address has been found in | |
83 | as well as its Autonomous System if that information is available. | |
84 | ||
85 | 'search-as STRING':: | |
86 | Lists all Autonomous Systems which match the given string. | |
fa9a3663 | 87 | + |
2f42147f MT |
88 | The search will be performed case-insensitively. |
89 | ||
90 | 'update':: | |
91 | This command will try to update the local database. | |
92 | + | |
93 | It will terminate with a return code of zero if the database has been | |
94 | successfully updated. 1 on error, 2 on invalid call and 3 if the | |
95 | database was already the latest version. | |
97769987 MT |
96 | + |
97 | The '--cron' option allows limiting updates to once a day ('daily'), once a week | |
98 | ('weekly'), or once a month ('monthly'). If the task is being called, but the | |
99 | database has been updated recently, an update will be skipped. | |
2f42147f MT |
100 | |
101 | 'verify':: | |
102 | Verifies the downloaded database. | |
fa9a3663 | 103 | |
161ac92d MT |
104 | '--help':: |
105 | Shows a short help text on using this program. | |
106 | ||
107 | '--version':: | |
108 | Shows the program's version and exists. | |
109 | ||
110 | == EXIT CODES | |
1d237439 | 111 | The 'location' command will normally exit with code zero. |
161ac92d MT |
112 | If there has been a problem and the requested action could not be performed, |
113 | the exit code is unequal to zero. | |
114 | ||
7fc9b99b MT |
115 | == FORMATS |
116 | Some commands allow specifying the output format. This is helpful if the exported | |
117 | data should be imported into a packet filter for example. | |
118 | The following formats are understood: | |
119 | ||
120 | * 'list' (default): Just lists all networks, one per line | |
121 | * 'ipset': For ipset | |
122 | * 'nftables': For nftables | |
123 | * 'xt_geoip': Returns a list of networks to be loaded into the | |
124 | xt_geoip kernel module | |
125 | ||
889b932a MT |
126 | == HOW IT WORKS |
127 | The downloader checks a DNS record for the latest version of the database. | |
128 | It will then try to download a file with that version from a mirror server. | |
129 | If the downloaded file is outdated, the next mirror will be tried until we | |
130 | have found a file that is recent enough. | |
131 | ||
161ac92d MT |
132 | == BUGS |
133 | Please report all bugs to the bugtracker at https://bugzilla.ipfire.org/. | |
134 | ||
135 | == AUTHORS | |
136 | Michael Tremer |