On Wednesday, Oct 2, 2002, at 23:21 Canada/Eastern, Ralph Doncaster wrote:
I would like to restrict access from certain countries to content on my network (for security and legal reasons).
So far the best algorithm I've been able to come up with is a combination of reverse DNS and APNIC/ARIN/RIPE whois queries. I've written a perl cgi that checks reverse DNS first, and if there is no gtld country code for the reverse mapping, does a whois query and parses the response for the address.
If you're in the market for a commercial solution, Ixia do one: http://www.ixiacom.com/products/paa/netops/IxMapping.php I don't know where they get their data from, how accurate it is, or what it costs, but I thought I'd mention that there is at least a way to make the problem someone else's by the simple application of money :) Joe