pfblocker, pass incoming if from country.
-
I have some issues with using PFblocker to block incoming connections to some port forwarding rules.
I port forward to my Home Assistant, MQTT and SSH.
When trying to use PFBlocker, it seems to be built towards blocking rather than passing.
I am trying to have it pass only connections coming in from a certain country. (Only for incoming that tries to connect to some of the stuff I am port forwarding.)
So far, I have been trying to change the flow rule created by PFBlocker, but that gets overwritten when PFBlocker autoupdates. Which setting am I missing :D
-
Then don't let it update, and just use the aliases in your own rules.
If you only want country xyz to be allowed on your forward, then just use that alias as your source for the rule.
-
Well,
I don't see how to do this.
Obviously I want to auto update the alias list, so I guess I would have to have PFBlocker enabled.
But I don't see any options in PFBlocker where it doesn't add a firewall rule. I guess I should be able to somehow only update the country alias list, and in my port forwarding firewall rules, let the source pass if part of the alias list.
-
See the following thread:
https://forum.netgate.com/topic/125250/firewall-rules-order