Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
17.1 Legacy Series
»
IPS GeoIP Blocking - Exceptions
« previous
next »
Print
Pages: [
1
]
Author
Topic: IPS GeoIP Blocking - Exceptions (Read 5179 times)
systm
Newbie
Posts: 2
Karma: 0
IPS GeoIP Blocking - Exceptions
«
on:
March 01, 2017, 06:52:51 pm »
How would one allow a specific IP from a country that is blocked via IPS GeoIP Blocking as in (
https://docs.opnsense.org/manual/how-tos/ips-geoip.html)?
Coming from pfSense, the GeoIP mechanism (pfblocker) essentially created firewall aliases that you could choose to supersede with specific IP's from the excluded countries. Since the IPS system does not seem to work this way, I am unsure how to add an exception. I am sure I am just missing something, but any guidance would be greatly appreciated.
Thanks!
Logged
AdSchellevis
Administrator
Hero Member
Posts: 907
Karma: 184
Re: IPS GeoIP Blocking - Exceptions
«
Reply #1 on:
March 01, 2017, 07:18:16 pm »
Hi,
Use aliases (type geoip) in combination with firewall rules, that should do the trick.
Best regards,
Ad
Logged
systm
Newbie
Posts: 2
Karma: 0
Re: IPS GeoIP Blocking - Exceptions
«
Reply #2 on:
March 01, 2017, 08:27:48 pm »
Brilliant! Thanks of the quick response!
How are the GeoIP lists updated? If I remove it from the IPS, how would it update (assuming that was the mechanism that updated it in the 1st place)?
Logged
AdSchellevis
Administrator
Hero Member
Posts: 907
Karma: 184
Re: IPS GeoIP Blocking - Exceptions
«
Reply #3 on:
March 02, 2017, 06:29:29 am »
There's a cron job updating the geoip database once a day when used (/usr/local/etc/rc.update_urltables)
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
17.1 Legacy Series
»
IPS GeoIP Blocking - Exceptions
