pfBlockerNG is not doing what I want...

  • Can you look over my current config and let me know if it is doing what I want it to do?

    Here is what I want my firewall to do:

    • Allow ports 8000-8005 from Internet to specific IPs on LAN

    • Allow port 8443 to Unifi server from Internet

    • Allow port 33333 to internal port 32400 on PLEX server

    • Block Cameras from directly accessing the Internet

    • Block IoT from accessing LAN or Cameras

    • Allow port 17000 for Torrents from WAN

    Here is my previous config:

    Port Forward (
    Floating Rules (
    WAN Rules (
    LAN Rules (
    IoT Rules (
    Camera Rules (

    Now I have implemented the use of pfBlockerNG and I want to use the GeoIP section of this tool to do the following:

    • Permit only USA to access ports 8000-8005, 8443, and 33333

    • Permit ANY GeoIP to access Torrents on 17000

    • Block Outbound to China/Russia/North Korea (After typing this up I realized I was a paranoid American... sorry)

    • This should be applicable on all Interfaces.

    Here is the current config (only uploaded the ones that changed):

    WAN Rules (
    LAN Rules (
    IoT Rules (
    Camera Rules (

    So in looking at the logs it looks like it is blocking 17000 the same as all the other ports. What did I miss? Anything else that would "optimize" this setup?

  • Okay so here is what I really need help with.
    I want to block Outgoing packets to Russia and China with the exception of my torrents which I want to send through port 17000.

    How would I implement this, as the "Invert" option does not appear for ports, only for sources or destinations?

