IPS GeoIP Blocking - Exceptions

systm · March 01, 2017, 06:52:51 PM

How would one allow a specific IP from a country that is blocked via IPS GeoIP Blocking as in (https://docs.opnsense.org/manual/how-tos/ips-geoip.html)? Coming from pfSense, the GeoIP mechanism (pfblocker) essentially created firewall aliases that you could choose to supersede with specific IP's from the excluded countries. Since the IPS system does not seem to work this way, I am unsure how to add an exception. I am sure I am just missing something, but any guidance would be greatly appreciated.

Thanks!

AdSchellevis · March 01, 2017, 07:18:16 PM

Hi,

Use aliases (type geoip) in combination with firewall rules, that should do the trick.

Best regards,

Ad

systm · March 01, 2017, 08:27:48 PM

Brilliant! Thanks of the quick response!

How are the GeoIP lists updated? If I remove it from the IPS, how would it update (assuming that was the mechanism that updated it in the 1st place)?

AdSchellevis · March 02, 2017, 06:29:29 AM

There's a cron job updating the geoip database once a day when used (/usr/local/etc/rc.update_urltables)

IPS GeoIP Blocking - Exceptions

systm

March 01, 2017, 06:52:51 PM

AdSchellevis

March 01, 2017, 07:18:16 PM #1

systm

March 01, 2017, 08:27:48 PM #2

AdSchellevis

March 02, 2017, 06:29:29 AM #3