Using pfBlockerNG Alias as source for NAT rule
-
I am trying to use pfblockerng to create an alias of the US IP space so I can use that as a source in my NAT rule.
I have created an alias match under GEOIP North America as well as created an alias under IPV4 pointing at the source /usr/local/share/GeoIP/cc/US_v4.txt. When I go into the NAT rule the aliases I have created do not show up.Am I missing something, maybe misunderstanding the pfblockerng / nat connection or is there a better way to accomplish this?
Thanks in advance.
-
Here is how I allow the access to my SFTP server using GEOIP:-
NB I use any on the NAT rule so I can quickly change the firewall rule if needed.
-
Thanks much for the help my friend. I got it working.
Its weird about an hour after i was working on it the alias's popped up as an available alias in the NAT source alias.Always appreciate your time. Im sure this will help many folks.
Have a great day.
B -
@bradyrf said in Using pfBlockerNG Alias as source for NAT rule:
Its weird about an hour after i was working on it the alias's popped up as an available alias in the NAT source alias.
RTFM:
-
Don't create the alias using Firewall -> pfBlockerNG -> IP -> GeoIP as it will tie up the North America rule.
Better to use Firewall -> pfBlockerNG -> IP -> IPv4 & IPv6 as you can name the alias whatever you want.
You can force an update of the aliases via Firewall -> pfBlockerNG -> Update
-
Thank you kind sir.
I appreciate the advice.
B
