GitHub - amishmm/pam_geoip: PAM module using MaxMind GeoIP2 database for GeoIP based access control

amishmm / pam_geoip Public

Notifications You must be signed in to change notification settings
Fork 0
Star 5

PAM module using MaxMind GeoIP2 database for GeoIP based access control

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 7 Commits
.gitignore		.gitignore
LICENSE		LICENSE
Makefile		Makefile
README		README
args.c		args.c
check.c		check.c
geoip.conf		geoip.conf
geoip.conf.5.pod		geoip.conf.5.pod
pam_geoip.8.pod		pam_geoip.8.pod
pam_geoip.c		pam_geoip.c
pam_geoip.h		pam_geoip.h
parse.c		parse.c

Repository files navigation

$Id$

pam_geoip - GeoIP account management module for (Linux-)PAM

This PAM module provides GeoIP checking for logins. The user can be allowed
or denied based on the location of the originating IP address. This is
similar to pam_access(8), but uses a GeoIP2 City or GeoIP2 Country database
instead of host name / IP matching.

The matching in pam_geoip is done on given country and city names or on
distance from a given location. With a Country database only matches
of the originating country are possible.

This PAM module provides the "account" hook only. To use this module, add a
line like (optional parts in square brackets)

  account required pam_geoip.so [system_file=file] [geoip_db=file] \
	[action=name] [language=name] [debug]

to the relevant files in /etc/pam.d/ and configure your
/etc/security/geoip.conf and/or /etc/security/geoip.SERVICE.conf.

Requirements:

Debian (lenny, squeeze, sid [Linux, kFreeBSD]):
  building: libmaxminddb-dev, libpam0g-dev, perl (pod2man)
  running: libmaxminddb, libpam0g, libpam-{modules,runtime}, a GeoIP2 City
     database or a GeoIP Country database, see
     https://www.maxmind.com/en/geoip2-databases and
     https://dev.maxmind.com/geoip/geoip2/geolite2/ for more information.