GeoIP blocking incoming traffic from specific countries to specific destination ports on my WAN interface

  • Hello,

    I want to block income traffic to my WAN interface for destination ports I use for port forwarding, since I learned that GeoIP blocking is useful only if you have open ports on the WAN interface.

    In future I'm planing to use whitelists for selecting countries, but for now I am sticking with blacklist countires.

    I selected the desired countries in the GeoIP section with List Action: Deny Inbound
    and Advanced Inbound Firewall Rule with Custom DST Port enabled and alias name WAN_ports defined in Firewall/Aliases containing the destination ports I want to block, also Custom Protocol is set to TCP/UDP.

    I have Firewall rule on my WAN interface looking like this:
    On my dashboard I have:

    And packets having destination ports on my wan interface not defined in alias WAN_ports, and also in my Firewall logs I have denying traffic to destination ports on my WAN interface not defined in the alias but blocked by pfB_Top_v4 auto rule

Log in to reply