Running OPNsense 26.1.2. Does the built-in IDS/IPS system allow blocking traffic to/from the internet by geographical region? For example, blocking traffic from IP blocks allocated to Russia, China or Iran? Or inversely, allow only traffic with IP blocks allocated to just north America? If yes, what rulesets (if that is the correct term; I'm new to this) or configuration would I need?
If not, is there a plugin that can add the traffic blocking by geographical region functionality?
Help and guidance is much appreciated. Thank you.
You do not need IDS/IPS for that, nor a special plugin. GeoIP aliases are supported in standard firewall rules.
Set up a free account with MaxMind or IPinfo, navigate to Firewall: Aliases: GeoIP settings, follow the documentation:
https://docs.opnsense.org/manual/aliases.html#geoip
Quote from: Patrick M. Hausen on Today at 07:03:33 PMYou do not need IDS/IPS for that, nor a special plugin. GeoIP aliases are supported in standard firewall rules.
Set up a free account with MaxMind or IPinfo, navigate to Firewall: Aliases: GeoIP settings, follow the documentation:
https://docs.opnsense.org/manual/aliases.html#geoip
Thank you for the fast and thorough response. I will definitely check it out.