Blocking a country… or how I learned to stop worrying and love the Internet
Sorry, couldnt help with the title…
So I've got my pfsense box up and running happily now. After it came up, the hordes of spammers started hitting my mailserver again, along with all kinds of nasties on the webserver. I had forgotten that on the old fw, I had instituted a weekly Country blocklist (I have no business with people out of China, for instance).
With that said, I wrote a script that once a week went to http://www.ipdeny.com/ipblocks/data/countries/ grabbed the IP's from the countries I wanted to block, and then update their related iptables chains.
How could I go about this in pfsense? I saw a thread that if I go mucking around with ipfw, I'd more than likely kill the box. If that isnt an option, how about something that sends rules via uPNP (i'll have to write that)?
You can probably import them into an alias, I believe that's the most common thing people do. If it makes for an extremely long alias (tens of thousands of lines), it may slow down your web interface considerably if you have a slower box.
Have a look at the following topic: http://forum.pfsense.org/index.php/topic,11279.msg62689/topicseen.html#msg62689
It explains how to build the aliases from a file. You would only have to write a script that pull the correct files from IPdeny every once in a while. It seems to work although I must admit that I did not get it working on my pfsense box so be carefull and make a backup first.