I'd like to block IPs with geoip except whitelisted countries AND the local area network.
The first part works flawless, the second one not.
Somwehere searching the internet I found the codes LH (local host) and LN (local network), but they are both not working.
I'm using the standard howto code for the blocking.
The relevant http {} part in nginx.conf:
geoip_country /usr/share/GeoIP/GeoIP.dat;
map $geoip_country_code $allowed_country {
default no;
US yes;
}
The relevant server {} part in sites-available/default:
block countries
if ($allowed_country = no) {
return 444;
}
Any suggestions would be much appreciated!
Update:
$geoip_country_code variable returns "-" on LAN IP access, but adding "- yes;" to the geoip_county block doesn't work either.
Best Answer
I found a solution - no idea if it's 'clean'. Just overwrite the $allowed_country variable if a lan IP condition was matched before.
and this block before the "#block countries" part