• Trying to block malicious incoming attacks. I have managed to install PFBlockerNG and I can see a number of things that looks useful. But with the millions upon millions of settings under so many headings I simply have no idea what I am doing. I am not a computer / network engineer and can't understand the language.

    Is there anyone out there that can configure this thing for me based on an English language description of what I am trying to achieve? Very happy to pay someone.

    Simple description;

    I have a machine which is Internet Connected for remote monitoring.
    I want to block (dump / loose / don't respond) all incoming IP's that are Geolocated outside Europe
    There is 1 WAN port with port forwarding set up to three IP addresses

    The system must be 100% reliable at allowing remote access from European IPs, it does not need to be 100% reliable in blocking incoming port probes but needs to reduce them significantly (because these use the satellite data allowance up).


  • If all you're trying to do is block all traffic except traffic from Europe, you'll use the GeoIP blocking functionality of pfBlockerNG. In the pfBlockerNG package, go under IP > GeoIP, you'll want to go down the list of the continents (except Europe) and select "Deny Both."

    This is assuming on the general page you have pfBlockerNG enabled. Also, under the IP settings page, you also need to select the interfaces where you want the rules to be. You'll want them on both your WAN and local interfaces.