Output Specifications
About This
This page defines the format of data files that can be downloaded from "Plain Text" and "Access-Control Templates" on each page.
General Rules
Unless overridden by the individual data formats, the following information applies to all formats.
- The encoding is UTF-8. No BOM (Byte Order Mark). It may contains out-of-ASCII characters such as Japanese text.
- The new-line code is one of CR+LF or LF.
- Each record is separated by a new-line.
In case of a format where access control is pre-output, the following will be applied.
- If the country/region being output is "Japan", the "Allow" setting is output by default.
- If the country/region being output is not "Japan", the "Deny" setting is output by default.
-
You can change the setting to "Allow" by adding "
?control=allow
" to the URL. -
You can change the setting to "Deny" by adding "
?control=deny
" to the URL.
Plain Text
-
All lines beginning with "
#
" are comments.
The content is not specified and is assumed to be read by humans.
For machine processing, this line should be ignored.
Never start a comment in the middle of a line.
They may also be placed between data records. -
A blank line may be inserted anywhere.
They may also be placed between data records. - CIDRs are output as is.
Apache (.htaccess)
- Apache 2.2 format data is output.
-
All lines beginning with "
#
" are comments.
The content is not specified and is assumed to be read by humans.
For machine processing, this line should be ignored.
Never start a comment in the middle of a line.
They may also be placed between data records. -
A blank line may be inserted anywhere.
They may also be placed between data records.
Apache (.htaccess), packed
- Apache 2.2 format data is output.
- Pack multiple CIDRs into a single line.
-
All lines beginning with "
#
" are comments.
The content is not specified and is assumed to be read by humans.
For machine processing, this line should be ignored.
Never start a comment in the middle of a line.
They may also be placed between data records. -
A blank line may be inserted anywhere.
They may also be placed between data records.
Apache 2.4
- Apache 2.4 format data is output.
-
All lines beginning with "
#
" are comments.
The content is not specified and is assumed to be read by humans.
For machine processing, this line should be ignored.
Never start a comment in the middle of a line.
They may also be placed between data records. -
A blank line may be inserted anywhere.
They may also be placed between data records.
CSV
-
CSV (RFC 4180) format data is output.
To handle it correctly, a parser that conforms to RFC 4180 is required.- The new-line code is CR+LF.
- The value of each column may or may not be enclosed in double quotes.
-
The column may contain double quotes.
If it contains double-quotes, for example, the value "A"B
" will be printed as ""A""B"
", as shown in RFC 4180. - The column may contain line breaks.
- Because no BOM is output, it is possible that non-ASCII characters in the comment part will be mojibake in Microsoft Excel.
-
All lines beginning with "
#
" are comments.
The content is not specified and is assumed to be read by humans.
For machine processing, this line should be ignored.
Never start a comment in the middle of a line.
They may also be placed between data records. -
A blank line may be inserted anywhere.
They may also be placed between data records. -
The columns are output in the following order.
- CIDR
- Start Address
- End Address
- Prefix
- Subnet Mask
- Number of Addresses
Do not expect it is exactly 6 columns.
ipset (firewalld)
-
Outputs XML format can be used as Firewalld configuration file.
It is installed into/etc/firewalld/ipsets/
for use.
You cannot use it from theipset
orfirewall-cmd
command. - The output is well-formed XML.
-
Between "
<!--
" and "-->
" is a comment.
The lines of the comment begins with "#
" so that it can be easily removed by line-based processors (e.g.,grep
).
IIS/Azure (ipSecurity)
- Outputs XML format can be used as part of IIS configuration file.
- The output is well-formed XML.
-
The root element is
<ipSecurity>
.
You need to edit the XML with an XML processor to use it. -
Between "
<!--
" and "-->
" is a comment.
The lines of the comment begins with "#
" so that it can be easily removed by line-based processors (e.g.,grep
).
iptables
-
The output is in data format for use with
iptables-restore
, etc.
Used as part of a configuration file foriptables
, such as/etc/sysconfig/iptables
. -
All lines beginning with "
#
" are comments.
The content is not specified and is assumed to be read by humans.
For machine processing, this line should be ignored.
Never start a comment in the middle of a line.
They may also be placed between data records. -
A blank line may be inserted anywhere.
They may also be placed between data records. -
You cannot change the access control.
The output is always in the format-A RULE1 -s 198.51.100.0/24 -j RULE2
.
You will need to usesed
etc. to replace it to get the expected behavior.
ipv4bycc compat.
- The output is in the format compatible with this web site.
- However, the output includes comment lines and it is output separately for each country/region.
-
All lines beginning with "
#
" are comments.
The content is not specified and is assumed to be read by humans.
For machine processing, this line should be ignored.
Never start a comment in the middle of a line.
They may also be placed between data records. -
A blank line may be inserted anywhere.
They may also be placed between data records.
Nginx
-
Outputs the access control syntax for Nginx.
You will probably include it as aserver
orlocation
setting. -
All lines beginning with "
#
" are comments.
The content is not specified and is assumed to be read by humans.
For machine processing, this line should be ignored.
Never start a comment in the middle of a line.
They may also be placed between data records. -
A blank line may be inserted anywhere.
They may also be placed between data records.
Nginx (Geo)
- Output the format used by Nginx's nginx_http_geo_module.
-
The variable name is like "
$ipv4_jp
", which is "$ipv4_
+CC."
For krfilter/eufilter, it will be like "$ipv4_krfilter_1
." -
All lines beginning with "
#
" are comments.
The content is not specified and is assumed to be read by humans.
For machine processing, this line should be ignored.
Never start a comment in the middle of a line.
They may also be placed between data records. -
A blank line may be inserted anywhere.
They may also be placed between data records.
Postfix
-
Outputs formats which can be used for Postfix's
check_client_access
, etc.
Set up and use it like "smtpd_client_restrictions = check_client_access cidr:/etc/postfix/kr.cidr
". -
All lines beginning with "
#
" are comments.
The content is not specified and is assumed to be read by humans.
For machine processing, this line should be ignored.
Never start a comment in the middle of a line.
They may also be placed between data records. -
A blank line may be inserted anywhere.
They may also be placed between data records.