Author Topic: Floating Rules for GeoIP Country Blocking Not Working (Read 3390 times)

Amanaki · « **on:** December 06, 2018, 04:10:32 pm »

Hi all,

Have been tinkering with blocking known attack source countries but cannot seem to get this working as expected.

I read that the IDS method was essentially replaced with the alias method and have followed the guides I have found on this forum to try it out with no luck.

I have enclosed screenshots of my alias and firewall rules to help with identifying where I might be going wrong.

Any ideas?

Thanks,
Manaki

franco · « **Reply #1 on:** December 07, 2018, 07:48:09 am »

Have you increased your Firewall Maximum Table Entries? Firewall: Settings: Advanced, set to 1000000 or more.

Cheers,
Franco

Julien · « **Reply #2 on:** December 07, 2018, 09:07:37 am »

Curiousity hoe are you trying to block those countries ?
If you are gonna use a firewall rules on the wan make sure your firewall have enough resources.
I’ve tried it before and my firewall cpu was overloaded which causes voip phones issues

Amanaki · « **Reply #3 on:** December 08, 2018, 11:53:34 pm »

Hey Franco,

Thanks for that clarification. Seems it is working but as pointed out by Julien, there is an issue with memory. I have only 4GB/8GB allocated to my installation.

I know in the alias I provided, I have quite a few countries selected for blocking. Truth is, I only really care about blocking aggressive attack countries like 'CN', 'RU'.

Is there any other way to do it that is not so memory intensive?

Thanks,
Naki

Author Topic: Floating Rules for GeoIP Country Blocking Not Working (Read 3390 times)

Amanaki

Floating Rules for GeoIP Country Blocking Not Working

franco

Re: Floating Rules for GeoIP Country Blocking Not Working

Julien

Re: Floating Rules for GeoIP Country Blocking Not Working

Amanaki

Re: Floating Rules for GeoIP Country Blocking Not Working