Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PFBlockerNG GEOIP Blocking and Cloudlfare tunnels

    Scheduled Pinned Locked Moved pfBlockerNG
    2 Posts 1 Posters 574 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      lrossi
      last edited by

      I'm thinking about using cloudflare tunnels to expose some self-hosted services to the internet without having to open ports in PFsense.

      Has any of you used this service with PFBlockerNG GEOIP blocking?

      I ask because in this scenario all incomming traffic will go to cloudflare who will then redirect it to my server via their tunnel service.

      Therefore, i assume, PFsense will only be able to see the IP of cloudflare and not the IP of the original visitor.

      Based on that i thought that PFBlockerNG wouldn't be able to filter/block the incomming IPs based on their GEO location. That's when i found that cloudflare could include the visitor's IP to the HTTP request headder
      Configuring IP geolocation

      If that is the case, do any of you know if PFBlockerNG can read the IP information from these headers?

      I would appreciate any input on this as it would solve a big problem for our very small company.

      L 1 Reply Last reply Reply Quote 0
      • L
        lrossi @lrossi
        last edited by

        I think i found the answer to my own question.
        It seems that i will not need PFBlockerNG to perform GEOIP blocking since it can be done via some rules set at cloudflare Require specific countries.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.