Icecast and geoip blocking

Quick & Dirty guide to GeoIP blocking, FI IP address only in example.

Debian Wheezy (IceCast 2.3.2)

Required Debian Wheezy packages
libgeo-ip-perl libapache2-mod-geoip

enable /etc/apache2/mod-available/geoip.load

Install GeoIP database
Get http://dev.maxmind.com/geoip/legacy/install/city/ and put it in /usr/local/share/GeoIP/

Check install point of downloaded GeoIP .dat in /etc/apache2/mod-available/geoip.conf

/etc/apache2/sites-enabled/000-default
enable Perl in CGI-BIN:

 ServerAdmin webmaster@localhost

DocumentRoot /var/www  Options FollowSymLinks AllowOverride AuthConfig Indexes Limit FileInfo 

ScriptAlias /cgi-bin/ /var/www/cgi-bin/  AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all 

ErrorLog ${APACHE_LOG_DIR}/error.log

# Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel info

CustomLog ${APACHE_LOG_DIR}/access.log combined 

/etc/icecast2/web/status.xls
Disable Login in mount point (lock icon disappears):

/var/www/cgi-bin/auth.pl
use Geo::IP; use CGI;
 * 1) ! /usr/bin/perl
 * 2) (c) Teemu Mikkonen (Temez) 2014
 * 3) Licenced with Public Domain and CC0

my $q = new CGI;

my $gi = Geo::IP->new(GEOIP_MEMORY_CACHE); my $country = $gi->country_code_by_addr($q->param("ip"));

print "Content-type: text/html\n"; if($country eq "FI"){ print "icecast-auth-user: 1\n"; } else{ print "icecast-auth-user: 0\n"; } print "\n";

IceCast source auth lines
/testmusic source hackmemore  