[![globe](https://geoip.site/globe.jpg)](https://geoip.site/) # **GeoIP.acl** Downloads This directory contains `GeoIP.acl` data sourced from the three well known geolocation providers listed below. * [MaxMind](https://dev.maxmind.com/geoip/geoip2/geolite2/) * [Continent](MaxMind.continent/) * [Country](MaxMind/) * [Region](MaxMind.region/) * [Area](MaxMind.area/) * [IP2Location](https://lite.ip2location.com/database/ip-country) * [Country](IP2Location/) * [DB-IP](https://db-ip.com/db/lite.php) * [Continent](DB-IP.continent/) * [Country](DB-IP/) * [Region](DB-IP.region/) All `GeoIP.acl` files are in an **ACL format** that is parsable by [BIND](https://www.isc.org/bind/) where each ACL contains its associated **IPv4 and IPv6 networks** in classic CIDR notation. The **continent**, **region** and **area** aggregations contain similar ACLs with a higher or lower aggregation than **country**. Example ACL aggregations from largest to smallest are below. * **Continent** * `AF` - **Africa** * `AN` - **Antarctica** * `AS` - **Asia** * `EU` - **Europe** * `NA` - **North America** * `OC` - **Oceania** * `SA` - **South America** * **Country** * `GB` - **Great Britain** * `US` - **United States** * ... * **Region** * `GB:ENG` - **England** in **Great Britain** * `GB:NIR` - **Northern Ireland** in **Great Britain** * `GB:SCT` - **Scotland** in **Great Britain** * `US:CA` - **California** in **United States** * `US:NY` - **New York** in **United States** * `US:TX` - **Texas** in **United States** * ... * **Area** * `GB:ENG:LND` - **City of London** in **England** in **Great Britain** * `GB:NIR:BFS` - **Belfast** in **Northern Ireland** in **Great Britain** * `GB:SCT:ABD` - **Aberdeenshire** in **Scotland** in **Great Britain** * `US:CA:803` - **Acton**, **Adelanto**, **Agoura Hills** and many others in **California** in **United States** * `US:NY:533` - **Fishers Island** in **New York** in **United States** * `US:TX:635` - **Austin** in **Texas** in **United States** * ... Where ranges have been identified as being adjacent to each other and belonging to the same ACL, such ranges have been aggregated to minimise the total number of CIDR entries being generated, resulting in the `GeoIP.acl` file being at the minimum size it can possibly be. All three providers are probed daily and any changes to their source data triggers automatic `GeoIP.acl` file re-generation processes. All `GeoIP.acl` files are validated by `named-checkconf` upon each re-generation cycle to ensure they always remain parsable by [BIND](https://www.isc.org/bind/). Should you have any automated processes pulling these files, for direct use in [BIND](https://www.isc.org/bind/), they should always remain valid and error free. # **GeoIP.acl** with BIND EDNS Client-Subnet (ECS) Support Note that it is possible to transform any available `GeoIP.acl` file into an ECS equivalent version for use within [BIND](https://www.isc.org/bind/). To duplicate each ACL entry and place it infront of that existing entry as a new `ecs` entry, a `sed` replacement such as this will work: * `curl -s https://geoip.site/download/PROVIDER/GeoIP.acl | sed 's/^\t\(.*\)/\tecs \1 \1/' > GeoIP.acl` To transform any existing `GeoIP.acl` file into an ECS **only** version, a `sed` replacement such as this will work: * `curl -s https://geoip.site/download/PROVIDER/GeoIP.acl | sed -e 's/^acl /acl ecs-/' -e 's/^\t/\tecs /' > GeoIP.acl` It depends on your specific requirements as to which method will suit your needs best. Please adapt the above examples as necessary for generating custom ECS variants of any original `GeoIP.acl` file. # Notes * All files matching `GeoIP.acl*` are **edge-cached** by [Cloudflare](https://www.cloudflare.com/) for a period of **24 hours**. * All other files remain uncached, specifically the checksum files ending in `.md5` `.sha1` `.sha224` `.sha256` `.sha384` `.sha512` * To verify that you have fetched the latest version of any specific `GeoIP.acl*` file, fetch an appropriate checksum file matching the checksum algorithm you are using and validate the hash contained within it matches. If the hashes do not match, you have fetched an edge-cached copy from [Cloudflare](https://www.cloudflare.com/) and will need to wait at least 24 hours before the latest version of the file is served to you. * If you have limited bandwidth, please consider downloading a compressed version of any available `GeoIP.acl` file, which has been made available under the following compression schemes with appropriate file extensions `bz2` `gz` `xz` `zip` `zst`