Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    All well beyond me!

    Scheduled Pinned Locked Moved General pfSense Questions
    2 Posts 2 Posters 348 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      aloening
      last edited by

      Trying to block malicious incoming attacks. I have managed to install PFBlockerNG and I can see a number of things that looks useful. But with the millions upon millions of settings under so many headings I simply have no idea what I am doing. I am not a computer / network engineer and can't understand the language.

      Is there anyone out there that can configure this thing for me based on an English language description of what I am trying to achieve? Very happy to pay someone.

      Simple description;

      I have a machine which is Internet Connected for remote monitoring.
      I want to block (dump / loose / don't respond) all incoming IP's that are Geolocated outside Europe
      There is 1 WAN port with port forwarding set up to three IP addresses

      The system must be 100% reliable at allowing remote access from European IPs, it does not need to be 100% reliable in blocking incoming port probes but needs to reduce them significantly (because these use the satellite data allowance up).

      Thanks.
      Adrian.

      1 Reply Last reply Reply Quote 0
      • B
        bhjitsense
        last edited by

        If all you're trying to do is block all traffic except traffic from Europe, you'll use the GeoIP blocking functionality of pfBlockerNG. In the pfBlockerNG package, go under IP > GeoIP, you'll want to go down the list of the continents (except Europe) and select "Deny Both."

        This is assuming on the general page you have pfBlockerNG enabled. Also, under the IP settings page, you also need to select the interfaces where you want the rules to be. You'll want them on both your WAN and local interfaces.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.