importer: Drop EDROP as it has been merged into DROP

[location/libloc.git] / man / location.txt

= location(1)

== NAME
location - Query the location database

== SYNOPSIS
[verse]
`location export --directory=DIR [--format=FORMAT] [--family=ipv6|ipv4] [ASN|CC ...]`
`location get-as ASN [ASN...]`
`location list-countries [--show-name] [--show-continent]`
`location list-networks-by-as ASN`
`location list-networks-by-cc COUNTRY_CODE`
`location list-networks-by-flags [--anonymous-proxy|--satellite-provider|--anycast|--drop]`
`location lookup ADDRESS [ADDRESS...]`
`location search-as STRING`
`location update [--cron=daily|weekly|monthly]`
`location verify`
`location version`

== DESCRIPTION
`location` retrieves information from the location database.
This data can be used to determine someone's location on the Internet
and for building firewall rulesets to block access from certain ASes
or countries.

== OPTIONS

--database FILE::
-d FILE::
        The path of the database which is being opened.
        +
        If this option is omitted, the system's database will be opened.

--quiet::
        Enable quiet mode

--debug::
        Enable debugging mode

== COMMANDS

'export [--directory=DIR] [--format=FORMAT] [--family=ipv6|ipv4] [ASN|CC ...]'::
        This command exports the whole database into the given directory.
        +
        The output can be filtered by only exporting a certain address family, or by passing
        a list of country codes and/or ASNs. The default is to export all known countries.
        +
        The output format can be chosen with the '--format' parameter. For possible formats,
        please see below.
        +
        If the '--directory' option is omitted, the output will be written to stdout which
        is useful when you want to load any custom exports straight into nftables or ipset.

'get-as ASN [ASN...]'::
        This command returns the name of the owning organisation of the Autonomous
        System.

'list-countries [--show-name] [--show-continent]'::
        Lists all countries known to the database.
        +
        With the optional parameters '--show-name' and '--show-continent', the name and
        continent code will be printed, too.

'list-networks-by-as [--family=[ipv6|ipv4]] [--format=FORMAT] ASN'::
        Lists all networks which belong to this Autonomous System.
        +
        The '--family' parameter can be used to filter output to only IPv6 or
        IPv4 addresses.
        +
        The '--format' parameter can change the output so that it can be
        directly loaded into other software. For details see below.

'list-networks-by-cc [--family=[ipv6|ipv4]] [--format=FORMAT] COUNTRY_CODE'::
        Lists all networks that belong to a country.
        +
        The country has to be encoded in ISO3166 Alpha-2 notation.
        +
        See above for usage of the '--family' and '--format' parameters.

'list-networks-by-flags [--family=[ipv6|ipv4]] [--format=FORMAT] [--anonymous-proxy|--satellite-provider|--anycast|--drop]'::
        Lists all networks that have a certain flag.
        +
        See above for usage of the '--family' and '--format' parameters.

'list-bogons [--family=[ipv6|ipv4]] [--format=FORMAT]'::
        Lists all bogons (i.e. networks that are unknown to the database).
        +
        See above for usage of the '--family' and '--format' parameters.

'lookup ADDRESS [ADDRESS...]'::
        This command returns the network the given IP address has been found in
        as well as its Autonomous System if that information is available.

'search-as STRING'::
        Lists all Autonomous Systems which match the given string.
        +
        The search will be performed case-insensitively.

'update'::
        This command will try to update the local database.
        +
        It will terminate with a return code of zero if the database has been
        successfully updated. 1 on error, 2 on invalid call and 3 if the
        database was already the latest version.
        +
        The '--cron' option allows limiting updates to once a day ('daily'), once a week
        ('weekly'), or once a month ('monthly'). If the task is being called, but the
        database has been updated recently, an update will be skipped.

'verify'::
        Verifies the downloaded database.

'version'::
        Shows the version information of the downloaded database.

'--help'::
        Shows a short help text on using this program.

'--version'::
        Shows the program's version and exists.

== EXIT CODES
The 'location' command will normally exit with code zero.
If there has been a problem and the requested action could not be performed,
the exit code is unequal to zero.

== FORMATS
Some commands allow specifying the output format. This is helpful if the exported
data should be imported into a packet filter for example.
The following formats are understood:

        * 'list' (default): Just lists all networks, one per line
        * 'ipset': For ipset
        * 'nftables': For nftables
        * 'xt_geoip': Returns a list of networks to be loaded into the
          xt_geoip kernel module

== HOW IT WORKS
The downloader checks a DNS record for the latest version of the database.
It will then try to download a file with that version from a mirror server.
If the downloaded file is outdated, the next mirror will be tried until we
have found a file that is recent enough.

== BUG REPORTS
Please report all bugs to the bugtracker at https://bugzilla.ipfire.org/;
refer to https://wiki.ipfire.org/devel/bugzilla for details.

== AUTHORS
Michael Tremer