Though Ubuntu Linux offers packages for GeoIP filtering, some manual steps are still required for realization.

1. Install the Kernel module + userspace programs

   sudo aptitude install xtables-addons-common

2. Create the directory for the GeoIP list

   sudo mkdir /usr/share/xt_geoip

3. Install the Perl module (optional)

   sudo aptitude install libtext-csv-xs-perl

4. Download GeoIP list

   sudo /usr/lib/xtables-addons/xt_geoip_dl

   This will download the list to the current directory, if you want to change this, do that before execution of this command!

5. Convert the GeoIP list

   sudo /usr/lib/xtables-addons/xt_geoip_build -D /usr/share/xt_geoip *.csv

   This will build the output files in /usr/share/xt_geoip and assumes the GeoIP list is located in the current directory. Please also note, that you have to specify "*.csv", otherwise nothing will happen.

6. Test everything

   sudo iptables -F && iptables -A OUTPUT -m geoip --dst-cc US -j DROP

   This will block all outgoing traffic to IP addresses located in the USA, next you can try to visit Google, this should not work anymore.

References:

1. Robert Haddon's Blog, Words from High, (last visited on 2012-10-27)
2. xtables on sourceforge.net, (last visited on 2012-10-27)