Author Topic: Only allowing United States  (Read 152 times)

wiz561
Only allowing United States
« on: February 07, 2018, 08:37:06 am »
I did a reinstall of pfSense and configured pfBlockerNG again. I'm starting to get memory issues again and I read the warning up on the top about...

> It's also not recommended to block the 'world', instead consider rules to 'Permit' traffic from selected Countries only.

It turns out that I'm doing what pfBlocker recommends not doing... and I thought about it and it makes sense. My question is how do I flip this around so that it's default deny, allowing only the United States GeoIPs?

I *think* that maybe I just unselect all the countries and choose "permit inbound" and because nothing is selected, it will do a default deny. Before I do anything though, I was wondering if this is the right way to go about doing this...

I have a few ports open (SSH, HTTPS, etc.), so it would be nice to block everything but US.

Thanks

f34rinc
Re: Only allowing United States
« Reply #1 on: February 07, 2018, 03:29:18 pm »
Yeah you have it correct, unselect all the other countries then put an allow inbound on the North America \ United States. 

Using the 'Advanced Inbound Firewall Rule Settings' will allow you to select what ports will be allowed inbound.


wiz561
Re: Only allowing United States
« Reply #2 on: February 09, 2018, 07:07:48 am »
> Yeah you have it correct, unselect all the other countries then put an allow inbound on the North America \ United States.
>
> Using the 'Advanced Inbound Firewall Rule Settings' will allow you to select what ports will be allowed inbound.

Unfortunately, I tried what I did and it doesn't seem to be blocking from other countries.  Is there anything else I have to do? 

wiz561
Re: Only allowing United States
« Reply #3 on: February 09, 2018, 08:41:08 am »
OK, I think I have it.  I had to disable all of the other GeoIP rules and only chose the two United States rules.  I then did a "Deny Inbound", and then chose the "Inverse" in the advanced options.  This seems to be working now.
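
The difference between the two approaches in this thread, as an added example that is not part of the original posts or of pfBlockerNG: a simplified first-match rule model with an implicit deny at the end. It assumes the WAN already carries a pass rule with source "any" for the open ports (the thread does not say so), and the alias range and client addresses are constructed from documentation prefixes.

```python
import ipaddress

# Constructed sample data: a documentation range stands in for the US GeoIP alias.
US_ALIAS = [ipaddress.ip_network("198.51.100.0/24")]
US_CLIENT = "198.51.100.25"
FOREIGN_CLIENT = "203.0.113.77"


def in_alias(ip, alias):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in alias)


def evaluate(rules, src_ip, dst_port):
    """Return the action of the first matching rule; no match means implicit deny."""
    for rule in rules:
        if rule["src"] is None:          # source "any"
            src_ok = True
        else:                            # alias match, optionally inverted ("not in alias")
            src_ok = in_alias(src_ip, rule["src"]) != rule.get("invert", False)
        port_ok = rule["ports"] is None or dst_port in rule["ports"]
        if src_ok and port_ok:
            return rule["action"]
    return "block"


# Assumed pre-existing WAN rule: the open ports are passed from any source.
EXISTING_PASS = {"action": "pass", "src": None, "ports": {22, 443}}

# "Permit Inbound" on the US alias, placed above the existing rule.
PERMIT_US = [{"action": "pass", "src": US_ALIAS, "ports": {22, 443}}, EXISTING_PASS]

# "Deny Inbound" on the US alias with "Invert" set: block everything NOT in the alias.
DENY_INVERT = [{"action": "block", "src": US_ALIAS, "invert": True, "ports": None},
               EXISTING_PASS]

# "Permit Inbound" with the any-source rule removed: the implicit deny does the blocking.
PERMIT_ONLY = [{"action": "pass", "src": US_ALIAS, "ports": {22, 443}}]

if __name__ == "__main__":
    for name, rules in [("permit + any-pass", PERMIT_US),
                        ("deny inverted", DENY_INVERT),
                        ("permit only", PERMIT_ONLY)]:
        print(name, "US:", evaluate(rules, US_CLIENT, 443),
              "foreign:", evaluate(rules, FOREIGN_CLIENT, 443))
```

Under that assumption, a permit rule on the US alias only blocks other countries when no broader pass rule sits below it, while the inverted deny rule blocks them regardless of what follows.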