1
19.7 Production Series / Re: GeoIP not Updating
« on: January 16, 2020, 06:07:58 pm »
Mine updated yesterday as well. I also had to recreate the alias and rule. Now seems to work ok.
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
2
19.7 Production Series / Re: GEOIP stopt working
« on: January 12, 2020, 06:59:33 pm »
Would be nice if someone could post some GeoIP example rules.
I did seem to get it working, but I think my rules could be cleaner. Since floating rules don't include the local IP's, I have to have a rules for all the local nets before the GeoIP rules. Would be nice to include my own IP list into the Maxmind one.
I have to do this because my GeoIP rule is set to block all counties except US using an invert. See attached.
Is there a better way to handle this?
I did seem to get it working, but I think my rules could be cleaner. Since floating rules don't include the local IP's, I have to have a rules for all the local nets before the GeoIP rules. Would be nice to include my own IP list into the Maxmind one.
I have to do this because my GeoIP rule is set to block all counties except US using an invert. See attached.
Is there a better way to handle this?
3
19.7 Production Series / Re: GEOIP stopt working
« on: January 11, 2020, 08:17:51 pm »
I found a real disadvantage in using the invert GeoIP floating rule.
For example. I have a GeoIP rule which blocks every country except US and Canada for my Email ports (except 25). Doing this, any local IP's will not be in the Maxmind list so it will be blocked as well.
I am using a floating rule because I have multiple email servers and wanted the same GeoIP blocking for all of them.
So I either have to make a rule which allows all the local ports to pass before the GeoIP rule, or not use invert and have an enormous list in GeoIP.
Floating rules can be tricky to use due to the multiple interfaces and dual direction capabilities.
Any recommendations for the best approach here?
For example. I have a GeoIP rule which blocks every country except US and Canada for my Email ports (except 25). Doing this, any local IP's will not be in the Maxmind list so it will be blocked as well.
I am using a floating rule because I have multiple email servers and wanted the same GeoIP blocking for all of them.
So I either have to make a rule which allows all the local ports to pass before the GeoIP rule, or not use invert and have an enormous list in GeoIP.
Floating rules can be tricky to use due to the multiple interfaces and dual direction capabilities.
Any recommendations for the best approach here?
4
19.7 Production Series / Re: GEOIP stopt working
« on: January 11, 2020, 06:26:08 pm »
Started working after I changed the floating rule to block both directions. Seems most of the blocking was done by IDS already
5
19.7 Production Series / Re: GEOIP stopt working
« on: January 11, 2020, 05:53:36 pm »
@chemlud It works. Also tried China sites using WebSitePulse and they all work.
So that means the GeoIP is not functioning for me.
So that means the GeoIP is not functioning for me.
6
19.7 Production Series / Re: GEOIP stopt working
« on: January 11, 2020, 05:07:49 pm »
Tried recreating rule and alias, still no log entries for GeoIP.
Tried the shell command above and everything is correct. Just not seeing any blocks in the logs. Not sure if it is working or not.
Is there any other way to test this?
Tried the shell command above and everything is correct. Just not seeing any blocks in the logs. Not sure if it is working or not.
Is there any other way to test this?
7
19.7 Production Series / Re: GEOIP stopt working
« on: January 10, 2020, 04:52:28 pm »
The GeoIP function does not seem to be working. There are no log entries and I use to see a ton of them before the change. Everything looks ok in the GeoIP Settings. Yes, the rule is set to log hits
Is there something I am missing or something else I need to do?
I have the rule set to block all countries except US with an invert. Same rule as before the change. Never get a hit on it and that's just not possible.
Attached is what my floating rule looks like. Please advise if this rule is wrong
Is there something I am missing or something else I need to do?
I have the rule set to block all countries except US with an invert. Same rule as before the change. Never get a hit on it and that's just not possible.
Attached is what my floating rule looks like. Please advise if this rule is wrong
8
19.7 Production Series / Re: GEOIP stopt working
« on: January 09, 2020, 10:57:40 pm »
It is a brand new feature and it didn't work when it was used and we reported it. My suggestion of putting a note in the message was so others wouldn't also think it was an issue. The message looks like something went wrong.
9
19.7 Production Series / Re: GEOIP stopt working
« on: January 09, 2020, 09:00:18 pm »
Mine finally updated after 2 hours. That somehow doesn't seem right. At least the devs should put that info in the notice that comes up.
10
19.7 Production Series / Re: GEOIP stopt working
« on: January 09, 2020, 06:19:53 pm »
So how long did it take. Mine has been sitting for about 45 minutes
11
19.7 Production Series / Re: GEOIP stopt working
« on: January 09, 2020, 05:45:30 pm »
I also just get the message pop-up. Using the URL in a browser works
Reboot also did not work. We need a patch
Reboot also did not work. We need a patch
12
General Discussion / Re: Blocking custom list of websites
« on: January 04, 2020, 12:43:53 am »
Thanks. Didn't know about that plug-in. I installed it and I will see how it goes from here.
13
19.7 Production Series / Re: GEOIP stopt working
« on: January 03, 2020, 10:49:52 pm »
I didn't see any invoicing. Already got my key, waiting for the OPNsense update now
14
19.7 Production Series / Re: GEOIP stopt working
« on: January 03, 2020, 09:57:24 pm »
So I assume this explains why I have US IP's being blocked when my rule states to block any country that is not US. So I guess I need to update the firewall and get the Maxmind account rollin'
Oh my 19.7.9 is not out yet. Better temporary disable my GEOIP rule.
Oh my 19.7.9 is not out yet. Better temporary disable my GEOIP rule.
15
General Discussion / Blocking custom list of websites
« on: January 02, 2020, 09:04:52 pm »
At wits end. Read every post I could find and still cannot block a list (alias) of websites.
Tried a LAN and a floating rule, didn't work.
Tried Web proxy, didn't work.
Problem with the proxy approach is I could not get a custom blacklist to be recognized. The official ones work fine.
I even tried coping an official blacklists.tar.gz to my web server and no categories showed up. Didn't work.
So what is the best way to block just 10-15 websites with all the subdomains included?
By the way, some of these websites are HTTPS
Tried a LAN and a floating rule, didn't work.
Tried Web proxy, didn't work.
Problem with the proxy approach is I could not get a custom blacklist to be recognized. The official ones work fine.
I even tried coping an official blacklists.tar.gz to my web server and no categories showed up. Didn't work.
So what is the best way to block just 10-15 websites with all the subdomains included?
By the way, some of these websites are HTTPS