Introducing geoip-shell, the continuation of the geoblocker-bash project

[friendly-bits]

What's changed between the last release of geoblocker-bash and the first release of geoip-shell?

A lot. Main changes:

• All scripts have been translated from Bash to POSIX-compliant shell code.

• nftables support has been implemented.

• very different (and significantly better) structure of firewall rules under the hood.

• Proper support for running on a router has been implemented, alongside support for running on a host.

• Additional features have been implemented, including support by the -manage and -apply scripts for switching geoip on and off while leaving the firewall rules and nftables sets in place.

• The raw ip lists are no longer kept on disk after having been applied. Instead, once the ip lists have been loaded into nftables sets (which also optimizes them), they get dumped back to disk, then compressed by the -backup script. The compressed lists are then used both to restore nftables sets after a reboot and as a backup.

• Virtually every bit of code has been optimized and improved.

• Some complexities in internal logic have been replaced by a more straightforward code, which makes the project more robust and reliable.

• The -fetch and -apply scripts have been almost completely rewritten. The -manage script has been streamlined and partially rewritten. Most other scripts went through significant changes.

• A lot of external dependencies have been removed and their functionality implemented through shell builtins.

• Documentation has been updated and improved.

• 3 new scripts have been added:

• geoip-shell-nft.sh: implements nftables-related functions used in several other scripts

• posix-arrays-a-mini.sh: implements limited support for arrays (used to translate certain bits of the bash code which require arrays)

• ip-regex.sh: holds some common regex's used in multiple scripts

• After all these changes, the resulting code base is leaner by about a third (currently 114KB vs 170KB in geoblocker-bash).

Enjoy!