GeoIP blocking incoming traffic from specific countries to specific destination ports on my WAN interface
I want to block income traffic to my WAN interface for destination ports I use for port forwarding, since I learned that GeoIP blocking is useful only if you have open ports on the WAN interface.
In future I'm planing to use whitelists for selecting countries, but for now I am sticking with blacklist countires.
I selected the desired countries in the GeoIP section with List Action: Deny Inbound
and Advanced Inbound Firewall Rule with Custom DST Port enabled and alias name WAN_ports defined in Firewall/Aliases containing the destination ports I want to block, also Custom Protocol is set to TCP/UDP.
I have Firewall rule on my WAN interface looking like this:
On my dashboard I have:
And packets having destination ports on my wan interface not defined in alias WAN_ports, and also in my Firewall logs I have denying traffic to destination ports on my WAN interface not defined in the alias but blocked by pfB_Top_v4 auto rule