Blocking all internet?



  • I've got the latest pfsense kickin like chicken and I suddenly lose Internet for some reason without much configured besides GEOIP.

    2.3.4-RELEASE (i386)
    built on Wed May 03 15:22:11 CDT 2017
    FreeBSD 10.3-RELEASE-p19

    I have ALL countries blocked INBOUND except NA of course where I reside.  I suddenly lose Internet.

    I think this has to do with inbound and outbound rules.  Any insight?  By default it looks like all interfaces for both are selected.  If I disable PFBlocker, all is right with the world and I can access the Interwebs.  I wanted to just block INBOUND from all countries for now and allow all OUTBOUND, and that assumes then if they go out they can get anything from around the world.

    Thoughts?

    Thanks!



  • If you want to block inbound from all countries, why not just block inbound in general? Countries don't need to be involved.


  • Moderator

    Take a look at the Help text in the GeoIP Continent Tabs… If you don't have any open WAN ports, the Default WAN deny rule is going to block all unsolicited Traffic (Stateful firewall)...

    You only need to protect open WAN ports, and the Outbound... and consider Whitelisting instead of blocking the world.

    If you are using the DNS resolver, note that the 13 root DNS servers are not all in North America... Review the Alerts tab and it will show what is being blocked.



  • Yes, I understand this; however, I'm going to be turning on "both", not just "inbound", on the FW.  I'm easing my way into blocking country outbound SO I need to enable GEO IP Block.

    I haven't quite figured out what was going on BUT it's possible this was a SNORT issue or perhaps a DNS resolution issue at the time.

    This might be a non-issue.  I've turned pfbng back on, have cleaned a few things up and it seems like all is well.

    Thanks for your feedback.

