Netgate Discussion Forum

    GEOIP Blocking

    • kdmiller45

      I would assume the rules created to Block need to be located before the rules for Pass. Is this correct?

      Thanks for your help, just a newbie here

      Keith

      • KOM

        It depends on what you're trying to do.  First-match wins.  Btw there are a couple of packages that handle Geo-blocking: pfBlocker, Suricata and Snort.  Configure those and they will add the needed rules.

        • gcu_greyarea

          If you use pfBlockerNG you can set the order of the rules there. pfBlocker will then automatically place the rules in the order of your preference.

          Also consider, if and what you want to log.

          E.g.
          I allow and log OpenVPN connections from 1 country only.
          But I also log other countries trying to access my OpenVPN port. They're mostly just drive-bys but I've also observed snowshoe attacks coming from 4 different countries at the same time.
          E.g. Once in a while there are 4 different hosts from 4 different countries trying to access OpenVPN within 2 minutes.
          Then it's quiet for weeks…

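The pattern described in the last post (4 different hosts from 4 different countries trying the OpenVPN port within 2 minutes) can be flagged from the block log with a sliding window. This is an added example, not code from the thread or from pfSense/pfBlockerNG. Assumptions: the record format is a simplified constructed one (not pfSense's filterlog output), the port is OpenVPN's default 1194, the country codes are placeholders, and only blocked attempts are counted.

```python
from collections import deque
from datetime import datetime, timedelta

OPENVPN_PORT = 1194              # assumption: OpenVPN's default port
WINDOW = timedelta(minutes=2)    # "within 2 minutes", from the post
MIN_HOSTS = 4                    # "4 different hosts"
MIN_COUNTRIES = 4                # "4 different countries"

# Constructed sample records: "ISO-timestamp src_ip country dst_port action".
# Simplified format for illustration, not pfSense's filterlog output.
SAMPLE_LOG = """\
2025-03-01T02:10:05 192.0.2.10 AA 1194 block
2025-03-01T02:10:40 198.51.100.7 BB 1194 block
2025-03-01T02:11:02 203.0.113.99 CC 1194 block
2025-03-01T02:11:30 192.0.2.10 AA 443 block
2025-03-01T02:11:50 198.51.100.200 DD 1194 block
2025-03-01T09:00:00 203.0.113.5 EE 1194 block
2025-03-01T09:30:00 192.0.2.77 AA 1194 block
2025-03-02T14:00:00 198.51.100.31 ZZ 1194 pass
"""

def parse(lines):
    """Yield (timestamp, src_ip, country, dst_port, action) per record."""
    for line in lines.splitlines():
        ts, ip, cc, port, action = line.split()
        yield datetime.fromisoformat(ts), ip, cc, int(port), action

def find_bursts(lines, port=OPENVPN_PORT):
    """Return one alert per burst: (start, end, hosts, countries)."""
    window, alerts, in_burst = deque(), [], False
    for ts, ip, cc, dport, action in parse(lines):
        if dport != port or action != "block":
            continue                      # other ports and allowed logins
        window.append((ts, ip, cc))
        while ts - window[0][0] > WINDOW:
            window.popleft()              # drop attempts older than 2 min
        hosts = {h for _, h, _ in window}
        countries = {c for _, _, c in window}
        hit = len(hosts) >= MIN_HOSTS and len(countries) >= MIN_COUNTRIES
        if hit and not in_burst:          # alert once per burst, not per packet
            alerts.append((window[0][0], ts, sorted(hosts), sorted(countries)))
        in_burst = hit
    return alerts

if __name__ == "__main__":
    for start, end, hosts, countries in find_bursts(SAMPLE_LOG):
        print(f"{start} -> {end}: {len(hosts)} hosts from {countries}")
```

The isolated attempts later in the sample (single hosts hours apart) stay below the threshold, which matches the "drive-by" traffic the post distinguishes from the coordinated burst.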