How to setup iptables on CentOS 6 to easily ACCEPT/DENY based on source country:
yum install gcc gcc-c++ make automake unzip zip xz kernel-devel-`uname -r` iptables-devel perl-Text-CSV_XS
wget http://sourceforge.net/projects/xtables-addons/files/Xtables-addons/1.47/xtables-addons-1.47.1.tar.xz
tar xvf xtables*; cd xtables*; ./configure; make; make install
cd geoip/
./xt_geoip_dl
./xt_geoip_build GeoIPCountryWhois.csv
mkdir -p /usr/share/xt_geoip/
cp -r {BE,LE} /usr/share/xt_geoip/
Test it like this:
iptables -I INPUT -m geoip –src-cc CN -j DROP