Blocking traffic by geographical region?

Started by Diggy, Today at 06:58:48 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
Today at 06:58:48 PM
Running OPNsense 26.1.2.  Does the built-in IDS/IPS system allow blocking traffic to/from the internet by geographical region?  For example, blocking traffic from IP blocks allocated to Russia, China or Iran?  Or inversely, allow only traffic with IP blocks allocated to just north America?  If yes, what rulesets (if that is the correct term; I'm new to this) or configuration would I need?

If not, is there a plugin that can add the traffic blocking by geographical region functionality?

Help and guidance is much appreciated.  Thank you.
Today at 07:03:33 PM #1
You do not need IDS/IPS for that, nor a special plugin. GeoIP aliases are supported in standard firewall rules.

Set up a free account with MaxMind or IPinfo, navigate to Firewall: Aliases: GeoIP settings, follow the documentation:

https://docs.opnsense.org/manual/aliases.html#geoip
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
Today at 07:13:49 PM #2
Quote from: Patrick M. Hausen on Today at 07:03:33 PMYou do not need IDS/IPS for that, nor a special plugin. GeoIP aliases are supported in standard firewall rules.

Set up a free account with MaxMind or IPinfo, navigate to Firewall: Aliases: GeoIP settings, follow the documentation:

https://docs.opnsense.org/manual/aliases.html#geoip

Thank you for the fast and thorough response.  I will definitely check it out.
Print
Go Up Pages1
User actions