4. GEOIP Blocking

GEOIP Blocking

  • K

    I would assume the rules created to Block need to be located before rules for Pass is this correct

    0

  • It depends on what you're trying to do.  First-match wins.  Btw there are a couple of packages that handle Geo-blocking: pfBlocker, Suricata and Snort.  Configure those and they will add the needed rules.

    0
  • G

    If you us pfBlocker ng you can set the order of the rules there. PfBlocker will then automatically place the rules in the order of you preference.

    Also consider, if and what you want to log.

    E.g.
    I allow and log OpenVPN connections from 1 country only.
    But I also log other countries trying to access the my OpenVPN port. They're mostly just drive-by's but I've also observed snow shoe attacks coming from 4 diffetent countries at the same time.
    E.g. Once in a while there are 4 different hosts from 4 different countries trying to access OpenVPN within 2 minutes.
    Then its quiet for weeks…

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy