From mboxrd@z Thu Jan 1 00:00:00 1970 From: Peter =?utf-8?q?M=C3=BCller?= To: location@lists.ipfire.org Subject: Re: location db mismatch Date: Sat, 29 Jan 2022 11:18:04 +0000 Message-ID: <84d68277-b771-aae2-1a40-fa74351a9607@ipfire.org> In-Reply-To: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============5786998726061873099==" List-Id: --===============5786998726061873099== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hello nusenu, > Maybe something I'll try to understand further: how can I easily determine = if some information > is provided due to a manual override vs. the raw WHOIS information? And if = it was a manual override: > What information did trigger that manual override?=20 unfortunately, there is no way of telling from the location database itself, = since it does not contain the source (RIR, ISP geofeed, override, etc.) of a dataset due to space reaso= ns. However, manual overrides are always handed in as patches on this mailing lis= t. If they are accepted, you will find them in the location-database Git repository (https://git.ipfir= e.org/?p=3Dlocation/location-database.git;a=3Dsummary). Also, Patchwork (https://patchwork.ipfire.org/project/location/list/) tracks = them, so it should be at least transparent which overrides were in place in a given timespan. Today, I am the only person creating them, but would really love to see other= people becoming active in this topic as well. Triggers for overrides are usually abusive or security= -related activities I observe somewhere else, feedback from the IPFire community, or mentions at ot= her mailing lists. As soon as I suspect such a network to have inaccurate or deliberately false country = information set, I take a mental note of it. Should an investigation confirm this, I create an override. Unless it is some= thing urgent, I batch them on a (more or less) weekly basis, and send them to this mailing list. > btw: I'm surprised that you read individual provider company websites to de= termine and manually override the > location of individual ASNs or prefixes of a given AS, I didn't expect that= to be feasible Indeed, this is probably not feasible at a large scale, and I don't do this p= reemptively, only if a network arises my suspicion. To the best of my knowledge, IPFire Location i= s less inaccurate - I won't claim we're "more accurate", since defining accuracy is tricky here -= than its freely available competitors. At least that's the decision the Tor project came to. However, I would love to see other people becoming active in this, especially= with knowledge of parts of the world I lack oversight of. A "best-effort" approach is completel= y fine to me, and IMHO better than anything else we've currently got. Hope to have your question answered. Thanks, and best regards, Peter M=C3=BCller --===============5786998726061873099==--