hey guys i just went through this and found a solution. one of our sites that was developed poorly and is going to be shutdown soon was being attacked by a Russian IP address that kept using a SQL injection attack on us. So i was looking into blocking countries in IIS and as i found out doing it real quick in IIS is not possible like it is in Apache. So heres what ended up working for me after hours of looking around. (btw there is a paid tool called IP2Location ISAPI Filter at http://www.ip2location.com/ip2location-isapi-filter.aspx if your willing to spend the money for the yearly fee). Now on to the free way
I first went to http://www.countryipblocks.net/country-blocks/
Choose the country you would like to block (you can also choose multiple if you like) but select "IP Range" as the format up top and you will get a list of ranges for that country. Ctrl + A select the whole list and paste it into a wordpad.
Now next you will need a non Microsoft product called IISIP
Get it here http://www.hdgreetings.com/other/Block-IP-IIS
Extract it and you will see a IPFeeds folder and a few sample lists there, I used the "Feed-Okean-China.xml" and "IPData-Okean China.txt" as a template. so I deleted everything in the text file and pasted in the range list from the site earlier and saved it. Edited the XML accordingly so it matches and loads the right text file and i was able to load the huge blocked list for just the site i was having problems with not my IIS Root.
That small free program saved the day and my time since there isn't an easy way to load huge lists in IIS. too bad the program doesn't do the reverse and let you load allow list so i could say load all the USA IP ranges and deny everything else. Source code is available on that site so i guess its possible but hey i don't program so thats a no go for me. still worked out great anyways hope this helps someone else.
Thanks
Rich