TsgcWebSocketFirewall › Properties › GeoIP
Country-based filter that accepts or rejects connections using ISO country codes resolved from a GeoIP database.
property GeoIP: TsgcFirewallGeoIP read FGeoIP write SetGeoIP;—
Enable GeoIP.Enabled to filter connections by country. Populate Countries with ISO 3166-1 alpha-2 codes (for example US, CN, RU) and set Mode to gmBlockList (reject listed countries) or gmAllowList (allow only listed countries). The country is resolved from the database loaded via LoadGeoIPDatabase: either a single CSV (DatabaseFile, format start_ip,end_ip,country_code) or the two MaxMind GeoLite2 files (BlocksFile + LocationsFile). The OnResolveCountry event lets you supply a custom lookup. A rejected connection fires OnViolation with type fvGeoIP and feeds ThreatScore through WeightGeoIP. Default: Mode=gmBlockList.
sgcWebSocketFirewall1.GeoIP.Enabled := True;
sgcWebSocketFirewall1.GeoIP.Mode := gmBlockList;
sgcWebSocketFirewall1.GeoIP.Countries.Add('CN');
sgcWebSocketFirewall1.GeoIP.Countries.Add('RU');
sgcWebSocketFirewall1.GeoIP.DatabaseFile := 'geoip.csv';
sgcWebSocketFirewall1.LoadGeoIPDatabase('geoip.csv');