PfBlockerNG is not doing what I want…..
Can you look over my current config and let me know if it is doing what I want it to do?
Here is what I want my firewall to do:
- Allow ports 8000-8005 from Internet to specific IPs on LAN
- Allow port 8443 to Unifi server from Internet
- Allow port 33333 to internal port 32400 on PLEX server
- Block Cameras from directly accessing Internet
- Block IoT from accessing LAN or Cameras
- Allow port 17000 for Torrents from WAN

Here is my previous config:
Port Forward (https://imgur.com/NNZS3sV)
Floating Rules (https://imgur.com/3030t1F)
WAN Rules (https://imgur.com/4r0UbYo)
LAN Rules (https://imgur.com/bHQrv1k)
IoT Rules (https://imgur.com/bY8HCZ0)
Camera Rules (https://imgur.com/a/atRoZWX)

Now I have implemented the use of pfBlockerNG and I want to use the GeoIP section of this tool to do the following:
- Permit only USA to access ports 8000-8005, 8443, and 33333
- Permit ANY GeoIP to access Torrents on 17000
- Block Outbound to China/Russia/North Korea (After typing this up I realized I was a paranoid American…..sorry)

This should be applicable on all Interfaces.
Here is the current config (only uploaded the ones that changed):
WAN Rules (https://imgur.com/NkHLtK0)
LAN Rules (https://imgur.com/YYZDMV8)
IoT Rules (https://imgur.com/aqnovss)
Camera Rules (https://imgur.com/jHlWu5E)

So in looking at the logs it looks like it is blocking 17000 the same as all the other ports. What did I miss? Anything else that would "optimize" this setup?

Okay so here is what I really need help with.
I want to block outgoing packets to Russia and China with the exception of my torrents, which I want to send through port 17000. How would I implement this, as the "Invert" option does not appear for ports, only for sources or destinations?