OPNsense Forum

Archive => 17.1 Legacy Series => Topic started by: systm on March 01, 2017, 06:52:51 pm

Title: IPS GeoIP Blocking - Exceptions
Post by: systm on March 01, 2017, 06:52:51 pm

How would one allow a specific IP from a country that is blocked via IPS GeoIP Blocking as in (https://docs.opnsense.org/manual/how-tos/ips-geoip.html)?  Coming from pfSense, the GeoIP mechanism (pfblocker) essentially created firewall aliases that you could choose to supersede with specific IP's from the excluded countries.  Since the IPS system does not seem to work this way, I am unsure how to add an exception.  I am sure I am just missing something, but any guidance would be greatly appreciated.

Thanks!

Title: Re: IPS GeoIP Blocking - Exceptions
Post by: AdSchellevis on March 01, 2017, 07:18:16 pm

Hi,

Use aliases (type geoip) in combination with firewall rules, that should do the trick.

Best regards,

Ad

Title: Re: IPS GeoIP Blocking - Exceptions
Post by: systm on March 01, 2017, 08:27:48 pm

Brilliant! Thanks of the quick response!

How are the GeoIP lists updated?  If I remove it from the IPS, how would it update (assuming that was the mechanism that updated it in the 1st place)?

Title: Re: IPS GeoIP Blocking - Exceptions
Post by: AdSchellevis on March 02, 2017, 06:29:29 am

There's  a cron job updating the geoip database once a day when used (/usr/local/etc/rc.update_urltables)