This page defines the format of data files that can be downloaded from "Plain Text" and "Access-Control Templates" on each page.

Unless overridden by the individual data formats, the following information applies to all formats.

• The encoding is UTF-8. No BOM (Byte Order Mark). It may contains out-of-ASCII characters such as Japanese text.
• The new-line code is one of CR+LF or LF.
• Each record is separated by a new-line.

In case of a format where access control is pre-output, the following will be applied.

• If the country/region being output is "Japan", the "Allow" setting is output by default.
• If the country/region being output is not "Japan", the "Deny" setting is output by default.
• You can change the setting to "Allow" by adding "?control=allow" to the URL.
• You can change the setting to "Deny" by adding "?control=deny" to the URL.

• All lines beginning with "#" are comments.
  The content is not specified and is assumed to be read by humans.
  For machine processing, this line should be ignored.
  Never start a comment in the middle of a line.
  They may also be placed between data records.
• A blank line may be inserted anywhere.
  They may also be placed between data records.
• CIDRs are output as is.

• Apache 2.2 format data is output.
• All lines beginning with "#" are comments.
  The content is not specified and is assumed to be read by humans.
  For machine processing, this line should be ignored.
  Never start a comment in the middle of a line.
  They may also be placed between data records.
• A blank line may be inserted anywhere.
  They may also be placed between data records.

• Apache 2.2 format data is output.
• Pack multiple CIDRs into a single line.
• All lines beginning with "#" are comments.
  The content is not specified and is assumed to be read by humans.
  For machine processing, this line should be ignored.
  Never start a comment in the middle of a line.
  They may also be placed between data records.
• A blank line may be inserted anywhere.
  They may also be placed between data records.

• Apache 2.4 format data is output.
• All lines beginning with "#" are comments.
  The content is not specified and is assumed to be read by humans.
  For machine processing, this line should be ignored.
  Never start a comment in the middle of a line.
  They may also be placed between data records.
• A blank line may be inserted anywhere.
  They may also be placed between data records.

• CSV (RFC 4180) format data is output.
  To handle it correctly, a parser that conforms to RFC 4180 is required.
  • The new-line code is CR+LF.
  • The value of each column may or may not be enclosed in double quotes.
  • The column may contain double quotes.
    If it contains double-quotes, for example, the value "A"B" will be printed as ""A""B"", as shown in RFC 4180.
  • The column may contain line breaks.
• Because no BOM is output, it is possible that non-ASCII characters in the comment part will be mojibake in Microsoft Excel.
• All lines beginning with "#" are comments.
  The content is not specified and is assumed to be read by humans.
  For machine processing, this line should be ignored.
  Never start a comment in the middle of a line.
  They may also be placed between data records.
• A blank line may be inserted anywhere.
  They may also be placed between data records.
• The columns are output in the following order.
  • CIDR
  • Start Address
  • End Address
  • Prefix
  • Subnet Mask
  • Number of Addresses
  It may be expanded in the future (when expanded, it will be added to the right side).
  Do not expect it is exactly 6 columns.

• Outputs XML format can be used as Firewalld configuration file.
  It is installed into /etc/firewalld/ipsets/ for use.
  You cannot use it from the ipset or firewall-cmd command.
• The output is well-formed XML.
• Between "<!--" and "-->" is a comment.
  The lines of the comment begins with "#" so that it can be easily removed by line-based processors (e.g., grep).

• Outputs XML format can be used as part of IIS configuration file.
• The output is well-formed XML.
• The root element is <ipSecurity>.
  You need to edit the XML with an XML processor to use it.
• Between "<!--" and "-->" is a comment.
  The lines of the comment begins with "#" so that it can be easily removed by line-based processors (e.g., grep).

• The output is in data format for use with iptables-restore, etc.
  Used as part of a configuration file for iptables, such as /etc/sysconfig/iptables.
• All lines beginning with "#" are comments.
  The content is not specified and is assumed to be read by humans.
  For machine processing, this line should be ignored.
  Never start a comment in the middle of a line.
  They may also be placed between data records.
• A blank line may be inserted anywhere.
  They may also be placed between data records.
• You cannot change the access control.
  The output is always in the format -A RULE1 -s 198.51.100.0/24 -j RULE2.
  You will need to use sed etc. to replace it to get the expected behavior.

• The output is in the format compatible with this web site.
• However, the output includes comment lines and it is output separately for each country/region.
• All lines beginning with "#" are comments.
  The content is not specified and is assumed to be read by humans.
  For machine processing, this line should be ignored.
  Never start a comment in the middle of a line.
  They may also be placed between data records.
• A blank line may be inserted anywhere.
  They may also be placed between data records.

• Outputs the access control syntax for Nginx.
  You will probably include it as a server or location setting.
• All lines beginning with "#" are comments.
  The content is not specified and is assumed to be read by humans.
  For machine processing, this line should be ignored.
  Never start a comment in the middle of a line.
  They may also be placed between data records.
• A blank line may be inserted anywhere.
  They may also be placed between data records.

• Output the format used by Nginx's nginx_http_geo_module.
• The variable name is like "$ipv4_jp", which is "$ipv4_+CC."
  For krfilter/eufilter, it will be like "$ipv4_krfilter_1."
• All lines beginning with "#" are comments.
  The content is not specified and is assumed to be read by humans.
  For machine processing, this line should be ignored.
  Never start a comment in the middle of a line.
  They may also be placed between data records.
• A blank line may be inserted anywhere.
  They may also be placed between data records.

• Outputs formats which can be used for Postfix's check_client_access, etc.
  Set up and use it like "smtpd_client_restrictions = check_client_access cidr:/etc/postfix/kr.cidr".
• All lines beginning with "#" are comments.
  The content is not specified and is assumed to be read by humans.
  For machine processing, this line should be ignored.
  Never start a comment in the middle of a line.
  They may also be placed between data records.
• A blank line may be inserted anywhere.
  They may also be placed between data records.