OPNsense Forum
Archive => 17.1 Legacy Series => Topic started by: mike366 on March 19, 2017, 05:25:36 pm
-
If I have an email server sitting behind an OPNsense router, and the OPNsense firewall blocks certain countries from access, if I port forward to the email server, are the blocked country IP rules enforced first, so that 'bad' traffic does not make it to the email server?
Thank you.
-
Services > Intrusion Detection > 'User Defined' (Tab) >
GeoIP/Country: United States (not)
GeoIP/Direction: Source
Action: Drop
This will drop all traffic from every country other than the U.S. There is still plenty of 'bad' traffic here though, and people elsewhere can also use Tor, a VPN, or a 'zombie' (compromised) host.
-
Sure, thanks for the info. At least it sounds like all packets not originating in US will be dropped before the port forward to the email server happens. I appreciate the pointer on setup.
-
Just to clarify, yes the traffic will be dropped.