URGENT: Need iRule to block non-US IP's and allow private addresses...

We have an urgent need to block non-US IP addresses but allow our internal private addresses. We are very new to iRules and have come up with the example below, but it is blocking out internal private addresses. Any assistance is appreciated.

when CLIENT_ACCEPTED { if {not ([whereis [IP::client_addr] country] eq "US") or not ([class match [IP::remote_addr] equals private_net]} } {reject} }