Diff

--- a/mod_firewall/mod_firewall.lua	Tue Aug 29 23:51:17 2023 +0700
+++ b/mod_firewall/mod_firewall.lua	Tue Feb 06 18:32:01 2024 +0700
@@ -261,9 +261,51 @@
 			return code, { "search:"..search_name, "pattern:"..pattern_name };
 		end;
 	};
+	sender_role = {
+		local_code = [[local sender_role = get_jid_role(bare_from, current_host)]];
+		depends = { "bare_from", "current_host", "get_jid_role" };
+	};
+	recipient_role = {
+		local_code = [[local recipient_role = get_jid_role(bare_to, current_host)]];
+		depends = { "bare_to", "current_host", "get_jid_role" };
+	};
 	scan_list = {
 		global_code = [[local function scan_list(list, items) for item in pairs(items) do if list:contains(item) then return true; end end end]];
-	}
+	};
+	iplib = {
+		global_code = [[local iplib = require "util.ip";]];
+	};
+	geoip_country = {
+		global_code = [[
+local geoip_country = require "geoip.country";
+local geov4 = geoip_country.open(module:get_option_string("geoip_ipv4_country", "/usr/share/GeoIP/GeoIP.dat"));
+local geov6 = geoip_country.open(module:get_option_string("geoip_ipv6_country", "/usr/share/GeoIP/GeoIPv6.dat"));
+local function get_geoip(ips, what)
+	if not ips then
+		return "--";
+	end
+	local ip = iplib.new_ip(ips);
+	if not ip then
+		return "--";
+	end
+	if ip.proto == "IPv6" and geov6 then
+		local geoinfo = geoinfo:query_by_addr6(ip.addr);
+		if geoinfo then
+			return geoinfo[what or "code"];
+		end
+	elseif ip.proto == "IPv4" and geov4 then
+		local geoinfo = geoinfo:query_by_addr(ip.addr);
+		if geoinfo then
+			return geoinfo[what or "code"];
+		end
+	end
+	return "--";
+end
+		]];
+		depends = {
+			"iplib"
+		}
+	};
 };
 
 local function include_dep(dependency, code)