Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Help with GeoIP aliases needed

    Scheduled Pinned Locked Moved pfBlockerNG
    3 Posts 2 Posters 525 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • cfapressC
      cfapress
      last edited by

      I'm trying to only permit traffic from the United States to a handful of ports on my pfSense router.

      I thought I had it working with GeoIP - North America - List Action = Alias Permit
      Combined with my specific firewall rules that reference the pfB_NAmerica_v4 alias

      However, in my firewall logs I'm finding IP addresses permitted through. For example, I'm seeing the follow source IP addresses coming through:
      216.220.228.202
      104.214.115.196
      74.101.171.253
      None of those IPs, or their related subnets appear in the North America

      All other GeoIP countries have nothing selected in the list with a List Action = Permit Both

      Clearly I'm doing something wrong. I've tried my best to find manuals for pfBlockerNG online but the results are sparse.

      Thanks in advance, Jason

      1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator
        last edited by johnpoz

        @cfapress said in Help with GeoIP aliases needed:

        216.220.228.202

        maxmind sure thinks that is US IP.
        16.220.228.202 US Wayne,
        Maine,
        United States,
        North America 04284 44.3493,
        -70.0712 50 Mid-Maine Communications Mid-Maine Communications midmaine.com 500

        Why would you think its not? Same goes for the other 2
        104.214.115.196 US San Antonio,
        Texas,
        United States,
        North America 78288 29.4247,
        -98.4935 1000 Microsoft Corporation Microsoft Azure 641
        74.101.171.253 US West Babylon,
        New York,
        United States,
        North America 11704 40.7135,
        -73.3546 20 Verizon Fios Business Verizon Fios Business verizon.net 501

        https://www.maxmind.com/en/geoip-demo

        Looking in my NA list I see
        216.220.128.0/17

        Which would be 216.220.128.0 - 216.220.255.255
        So yeah your 216.220.228.202 is in that list.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        1 Reply Last reply Reply Quote 0
        • cfapressC
          cfapress
          last edited by

          AH ... yes, indeed my subnetting skills were lacking here.

          I resorted to lookups with this tool which helped me better understand what my brain couldn't sort out itself:
          http://jodies.de/ipcalc?host=216.220.128.0&mask1=17&mask2=

          Your link to the maxmind database is very helpful. So, thank you for that. Much appreciated. It will come in handy in the future.

          Thanks for the prompt response.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.