GeoIP blocking incoming traffic from specific countries to specific destination ports on my WAN interface



  • Hello,

    I want to block income traffic to my WAN interface for destination ports I use for port forwarding, since I learned that GeoIP blocking is useful only if you have open ports on the WAN interface.

    In future I'm planing to use whitelists for selecting countries, but for now I am sticking with blacklist countires.

    I selected the desired countries in the GeoIP section with List Action: Deny Inbound
    and Advanced Inbound Firewall Rule with Custom DST Port enabled and alias name WAN_ports defined in Firewall/Aliases containing the destination ports I want to block, also Custom Protocol is set to TCP/UDP.

    I have Firewall rule on my WAN interface looking like this:
    34df2523-ce98-4094-b4c0-c64d8520b742-image.png
    On my dashboard I have:
    c2750118-4fc9-4f35-93a8-04ed08b2e52c-image.png

    And packets having destination ports on my wan interface not defined in alias WAN_ports, and also in my Firewall logs I have denying traffic to destination ports on my WAN interface not defined in the alias but blocked by pfB_Top_v4 auto rule


Log in to reply