Watcher 1.3 available through the online shop for a 5 EURO donation.

Watcher 1.3.1 -currently under testing- introduced GEOIP
Under test IPSETs for China, Russia are filled-in with IP addresses from the free rendition at
https://www.ipdeny.com/ipblocks/
The data files are separately sorted by country code and any of the XX-aggredated.zone files should be chosen as these come in CIDR notation.
One can download any of the XX-aggregated.zone files and provide them in $MASTERPATH/geo/...
Watcher will then do the rest automatically.

root@vmd28527 geo]# pwd
/root/bin/Watcher/geo
# ls -la
total 228
drwxr-xr-x  2 root root   4096 Mar  2  2022 .
drwxr-xr-x 10 root root   4096 Sep  4 14:10 ..
-rw-r--r--  1 root root   1445 Mar  2  2022 by-aggregated.zone
-rw-r--r--  1 root root  81309 Feb 25  2022 cn-aggregated.zone
-rw-r--r--  1 root root     16 Mar  2  2022 kp-aggregated.zone
-rw-r--r--  1 root root 131846 Feb 25  2022 ru-aggregated.zone

root@vmd28527 geo]# ipset -n list | grep geo
geo-by
geo-cn
geo-kp
geo-ru

In order to disable a '*.zone' file modify the ending to '*.zone-disable'; e.g. by
moving (renaming) the file.

# mv by-aggregated.zone by-aggregated.zone-disable

As a result the amount of attacks drops by about 60% only for China (cn) and Russia (ru)