This is an excellent idea, I just have absolutely no idea how to do this. Also we have some GIs in Afganistan that I would want to be able to post.
Do you have root access? In CSF config find CC_ALLOW_FILTER
# An alternative to CC_ALLOW is to only allow access from the following
# countries but still filter based on the port and packets rules. All other
# connections are dropped
Put US and restart CSF. This will now block anyone on a non-US IP. As far as the GI's you can do 1 of 2 ideas. Either take there IP and put them in the IP IGNORE list, this would over ride any firewall block if on that IP or add Afganistan or whatever country the carrier is also to CC_ALLOW_FILTER