With CountryBlock you can block any country you want at the Firewall level. You can optionally block access to as well as access from.
This package uses pf (pfctl) to block country CIDR ranges pulled from http://www.countryipblocks.net/
. Each CIDR range is added to a list and processed as a pf table. The table will automatically be added to your Firewall in the background. By default all traffic originating from your selected countries will be blocked. You can can also block access to these countries.
Tested on 1.2.2, 1.2.3, and 2.0 with FF and Chome. IE not supported
Blocked countries are applied on start-up
cron job compatible
Option to log attempts
Option to block or allow outbound access
Select all countries checkbox
Option to specif interfaces
Total number of blocked networks is reported
Whitelist CIDR range
IE does not work with this package.
1. First select the countries you want to block and if you want to block outbound access or log attempts as well.
2. Press "Commit Countries"
3. Enable the package and press "Save/Update"
Q: How do I know if the list got applied?
A: The package web interface will display the current status.
Q: I have the "Enable" check box checked but I don't think its blocking any Countries.
A: Any Errors will be at the bottom of the page when you press Save/Update
Q: I just want to block countries that SPAM the most.
A: The first list includes the Top SPAM'ing countries.
Q: How do I update the countries?
A: Press "Save/Update" - keep in mind that countries ranges RARELY change, therefore updating is not necessary.
Q: I think I can improve your package or add features, how can I help?
A: Send me a PM
For troubleshooting see: http://forum.pfsense.org/index.php/topic,25732.msg166474.html#msg166474