Author Topic: GeoIP Rules Question (Read 7429 times)

guyp2k · « **on:** August 09, 2020, 03:26:54 pm »

Would the following rules be sufficient for GeoIP?

Mondmann · « **Reply #1 on:** August 09, 2020, 05:50:04 pm »

Hello,
Although I'm a newcomer to OPNsense, I have this
via a floating rule for "all interfaces"
and therefore the rule should apply to incoming and outgoing traffic.
(Should my rule be faulty, I would be happy about further contributions...)
Greetings from Germany

lar.hed · « **Reply #2 on:** August 09, 2020, 06:41:33 pm »

Okay, let's combine both your efforts then: Floating rule for sure, and both destination and source, in and out.

Mondmann · « **Reply #3 on:** August 09, 2020, 07:54:49 pm »

@ lar.hed
Okay, understood, with the proposed rule
the source and/or destination (GeoIP) is blocked.

Got it corrected right in my floating.

Thanks!

guyp2k · « **Reply #4 on:** August 09, 2020, 09:41:35 pm »

Thanks for the replies and here are my GeoIP floating rules:

Mondmann · « **Reply #5 on:** August 09, 2020, 10:37:09 pm »

@guyp2k
I think more like this -> see attachment...
Direction in and out and do not forget the interfaces
...concerning the rule...

guyp2k · « **Reply #6 on:** August 09, 2020, 11:33:50 pm »

Thanks again, scaled down to 2 floating rules and added the interfaces, see attached.

Mondmann · « **Reply #7 on:** August 09, 2020, 11:54:08 pm »

@guyp2k
OK -> reduced to 2 floating rules and added the interfaces

Your rule is not OK yet -> please have a look at geoip_2.png again! (marked with RED) or from lar.hed BlockCountries.jpg...

you recognize your error

guyp2k · « **Reply #8 on:** August 10, 2020, 12:10:28 am »

Updated, see attached.

Thanks

Mondmann · « **Reply #9 on:** August 10, 2020, 12:18:58 am »

yes, and now take the correct description - >
Your No. 1 = Block Countries Destination
Your No. 2 = Block Countries Source

guyp2k · « **Reply #10 on:** August 10, 2020, 01:18:24 am »

Thanks for all the help, new to opnsnese and still learning....

lar.hed · « **Reply #11 on:** August 10, 2020, 08:59:04 am »

May I ask why you only like to run the floating rules on a specific interface?

In my case I run GeoIP block on ALL interfaces, in all directions, both source and target - since I never expect it to be there so to speak.

I also block ALL TOR exit nodes, in the same manner - All interfaces, All directions and both source and target.

Mondmann · « **Reply #12 on:** August 10, 2020, 11:26:52 am »

@ lar.hed

I agree with this and have generally selected all interfaces.
in my attachment: geoip_3.png i only made my private entries unrecognizable...

* and excuse me i write my texts via translation tool

Greetings from Germany

lar.hed · « **Reply #13 on:** August 10, 2020, 11:50:14 am »

No worries mate! I can read german, but it is way to long ago I wrote, so sorry I will save is all from even trying :-)

Julien · « **Reply #14 on:** August 10, 2020, 08:41:16 pm »

What countries are you blocking for in and out ?
i am just curious.

Author Topic: GeoIP Rules Question (Read 7429 times)

guyp2k

GeoIP Rules Question

Mondmann

Re: GeoIP Rules Question

lar.hed

Re: GeoIP Rules Question

Mondmann

Re: GeoIP Rules Question

guyp2k

Re: GeoIP Rules Question

Mondmann

Re: GeoIP Rules Question

guyp2k

Re: GeoIP Rules Question

Mondmann

Re: GeoIP Rules Question

guyp2k

Re: GeoIP Rules Question

Mondmann

Re: GeoIP Rules Question

guyp2k

Re: GeoIP Rules Question

lar.hed

Re: GeoIP Rules Question

Mondmann

Re: GeoIP Rules Question

lar.hed

Re: GeoIP Rules Question

Julien

Re: GeoIP Rules Question