Block outbound connections to China

Started by jimk2048, January 02, 2021, 05:07:10 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
January 02, 2021, 05:07:10 PM
Does OPNsense have any features or plugins that would block outbound connections to China?  In case I use compromised devices that want to phone home.
January 02, 2021, 05:43:23 PM #1
Yeah, search for GeoIP.  You'd create an alias with countries you want to block, then use that alias in a firewall rule.  Prior to that you'll need to set up an account (free) with maxmind. 

See here: https://docs.opnsense.org/manual/how-tos/maxmind_geo_ip.html
Aliases: https://docs.opnsense.org/manual/aliases.html
HP T730/AMD  RX-427BB/8GB/500GB SSD
HP NC365T 4-PORT
January 03, 2021, 10:03:38 AM #2
CDN's are eroding the value of GeoIP and you may be better off internally segregating the devices you don't control - like IoT - with separate VLAN and stricter firewall rules.

Bart...
Print
Go Up Pages1
User actions