Help with GeoIP aliases needed



  • I'm trying to only permit traffic from the United States to a handful of ports on my pfSense router.

    I thought I had it working with GeoIP - North America - List Action = Alias Permit
    Combined with my specific firewall rules that reference the pfB_NAmerica_v4 alias

    However, in my firewall logs I'm finding IP addresses permitted through. For example, I'm seeing the following source IP addresses coming through:
    216.220.228.202
    104.214.115.196
    74.101.171.253
    None of those IPs, or their related subnets appear in the North America

    All other GeoIP countries have nothing selected in the list with a List Action = Permit Both

    Clearly I'm doing something wrong. I've tried my best to find manuals for pfBlockerNG online but the results are sparse.

    Thanks in advance, Jason


  • LAYER 8 Global Moderator

    @cfapress said in Help with GeoIP aliases needed:

    216.220.228.202

    maxmind sure thinks that is US IP.
    16.220.228.202 US Wayne, Maine, United States, North America 04284 44.3493, -70.0712 50 Mid-Maine Communications Mid-Maine Communications midmaine.com 500

    Why would you think it's not? Same goes for the other 2
    104.214.115.196 US San Antonio, Texas, United States, North America 78288 29.4247, -98.4935 1000 Microsoft Corporation Microsoft Azure 641
    74.101.171.253 US West Babylon, New York, United States, North America 11704 40.7135, -73.3546 20 Verizon Fios Business Verizon Fios Business verizon.net 501

    https://www.maxmind.com/en/geoip-demo

    Looking in my NA list I see
    216.220.128.0/17

    Which would be 216.220.128.0 - 216.220.255.255
    So yeah your 216.220.228.202 is in that list.



  • AH ... yes, indeed my subnetting skills were lacking here.

    I resorted to lookups with this tool which helped me better understand what my brain couldn't sort out itself:
    http://jodies.de/ipcalc?host=216.220.128.0&mask1=17&mask2=

    Your link to the maxmind database is very helpful. So, thank you for that. Much appreciated. It will come in handy in the future.

    Thanks for the prompt response.
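
The check worked out in the replies above (does a logged source IP fall inside any CIDR entry of the alias, and what range does that entry span) can be scripted. This is an added example, not part of the original posts or of pfBlockerNG: only `216.220.128.0/17` and `216.220.228.202` come from the thread, and the other entries, addresses and all function names are constructed for illustration.

```python
import ipaddress

# Partial sample of an alias table. 216.220.128.0/17 is the entry quoted in
# the thread; the other two are constructed documentation ranges.
ALIAS_CIDRS = ["216.220.128.0/17", "198.51.100.0/24", "203.0.113.0/25"]

# 216.220.228.202 is from the thread; the other two are constructed.
LOGGED_IPS = ["216.220.228.202", "203.0.113.200", "198.51.100.7"]


def load_alias(lines):
    """Parse CIDR lines, skipping blanks and '#' comments."""
    nets = []
    for line in lines:
        line = line.split("#", 1)[0].strip()
        if line:
            # strict=False accepts entries written with host bits set.
            nets.append(ipaddress.ip_network(line, strict=False))
    return nets


def covering_entry(ip, nets):
    """Return (cidr, first, last) for the most specific entry containing ip,
    or None when no entry covers it."""
    addr = ipaddress.ip_address(ip)
    matches = [n for n in nets if n.version == addr.version and addr in n]
    if not matches:
        return None
    best = max(matches, key=lambda n: n.prefixlen)
    return str(best), str(best.network_address), str(best.broadcast_address)


def audit(ips, cidr_lines):
    """Map each logged IP to its covering alias entry (or None)."""
    nets = load_alias(cidr_lines)
    return {ip: covering_entry(ip, nets) for ip in ips}


if __name__ == "__main__":
    for ip, hit in audit(LOGGED_IPS, ALIAS_CIDRS).items():
        if hit:
            print(f"{ip}: covered by {hit[0]} ({hit[1]} - {hit[2]})")
        else:
            print(f"{ip}: not covered by any alias entry")
```

The constructed `203.0.113.200` shows the opposite case: it shares its first three octets with `203.0.113.0/25`, but that entry only spans `.0` to `.127`, so it is not covered.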

