This following small script will automatically read the lines in Country IP range files from here
and add them to your firewall
Create a file called zoneblock using the following text, then 'chmod +x zoneblock' to make it executable
Just download the zone file you want for the country you want (you can do this using wget), then run Code:
./zoneblock /var/tmp/af.zone eth1
replacing af.zone with whatever file you are using and eth1 with what ever interface your WAN is.
The changes are only temporary till reboot, or until 'service firewall restart'. You could add the command to /etc/rc.d/rc.local to make it run on every bootup
Now you can block whole countries with the click of a button!
# Zoneblock script
# usage: # zoneblock [file] [interface]
while read line
iptables -I INPUT -s $line -i $2 -j DROP
Just FYI, Hope it will help you.