Specific allow rule GeoIP for specific country
-
Hi. I have an IoT device in my house, connected to the outside so I can manage this device from anywhere on my phone.
I now want to limit the access to this NAT rule, to only all IP's from my country, to be a bit safer.
I have the PfBlocker package installed, which has GeoIP databases, but I can't seem to find a solution to make a firewall rule that does this, maybe it's not possible to do this to 1 specific firewall rule?
In short: only allow access from country X to NAT rule Y
Any help appreciated!
-
Just whatever country IP alias you want in your nat rule as the source..
Example..
Here is alias I created that contains a couple of lists, and US as country. that allows access to my plex server
I moved your thread to the pfblocker section - more appropriate for that area..
Not sure what iot devices you have - but you really should not have to port forward anything for those. I control many lights and smart switches etc from anywhere.. And zero port forwards required because the iot devices phone home.. And you control them via that connection.
-
Thanks for the quick reply :)
I don't know if IoT is the exact category, it's older home automation hardware from 10 years ago, that isn't that clever. It did cost a few pennies, so upgrading it won't be an option for a while.
I will use your solution for now, and maybe contact the manufacturer (or by asking on their forum) if there is a better/safer option to be able to control it from the outside.