Help with GeoIP aliases needed

  • I'm trying to only permit traffic from the United States to a handful of ports on my pfSense router.

    I thought I had it working with GeoIP - North America - List Action = Alias Permit
    Combined with my specific firewall rules that reference the pfB_NAmerica_v4 alias

    However, in my firewall logs I'm finding IP addresses permitted through. For example, I'm seeing the follow source IP addresses coming through:
    None of those IPs, or their related subnets appear in the North America

    All other GeoIP countries have nothing selected in the list with a List Action = Permit Both

    Clearly I'm doing something wrong. I've tried my best to find manuals for pfBlockerNG online but the results are sparse.

    Thanks in advance, Jason

  • LAYER 8 Global Moderator

    @cfapress said in Help with GeoIP aliases needed:

    maxmind sure thinks that is US IP. US Wayne,
    United States,
    North America 04284 44.3493,
    -70.0712 50 Mid-Maine Communications Mid-Maine Communications 500

    Why would you think its not? Same goes for the other 2 US San Antonio,
    United States,
    North America 78288 29.4247,
    -98.4935 1000 Microsoft Corporation Microsoft Azure 641 US West Babylon,
    New York,
    United States,
    North America 11704 40.7135,
    -73.3546 20 Verizon Fios Business Verizon Fios Business 501

    Looking in my NA list I see

    Which would be -
    So yeah your is in that list.

  • AH ... yes, indeed my subnetting skills were lacking here.

    I resorted to lookups with this tool which helped me better understand what my brain couldn't sort out itself:

    Your link to the maxmind database is very helpful. So, thank you for that. Much appreciated. It will come in handy in the future.

    Thanks for the prompt response.

Log in to reply