Correct setup to protect open WAN ports?
-
Hi,
I want your help to tell me if this setup is completely wrong.
I have been reading through this forum about pfBlockerNG but I find it hard to understand how to setup…Lets say that I only have to ports open, 51205 and 52121.
Now I want only IP-adresses from Åland to access these ports.
So this is what I have done:- I have then created a alias with ports 51205 and 52121 in case I want to add more ports.
- In pfBlocker I have then under GeoIP --> Europe I have selected Åland in both IPv4 and IPv6
- Selected Deny Inbound under List Action.
- Selected Invert Source
- Selected my alias under Custom DST Port
- Selected protocol TCP/UDP
Is this correct if I only want to allow IP-addresses from Åland?
Or am I doing something wrong?Thanks!
-
Instead of:
- Selected Deny Inbound under List Action.
- Selected Invert Source
Why not just use the "Permit Inbound" Action option?
-
Hi,
:o, why didn't I think of that.
I have now changed it and it seems to be working :)
Thanks!I have some other question that any of you might know the answer of…
-
In the dahboard under pfBlockerNG I can see the number of packets being blocked.
If I press the number I'm being re-directed to the alerts tab so I can see these alerts but there's nothing logged. Why is that? -
pfBlockerNG is scheduled to update every hour as default and this has been working (I think) but now it doesn't seem to work.
I the attached image you can see in the dashboard that I did a manual update 22:03 but then it hasn't update by schedule. Do you know why?
Thanks!
-
-
See the following link about your first question:
https://forum.pfsense.org/index.php?topic=99929.msg556801#msg556801MaxMind updates once a month, so there is no reason to run cron updates hourly for GeoIP. However. If you add other IP feeds, you should update at an increased frequency.
