Blocking traffic by geographical region?

[Diggy]

Running OPNsense 26.1.2.  Does the built-in IDS/IPS system allow blocking traffic to/from the internet by geographical region?  For example, blocking traffic from IP blocks allocated to Russia, China or Iran?  Or inversely, allow only traffic with IP blocks allocated to just north America?  If yes, what rulesets (if that is the correct term; I'm new to this) or configuration would I need?

If not, is there a plugin that can add the traffic blocking by geographical region functionality?

Help and guidance is much appreciated.  Thank you.

[Patrick M. Hausen]

You do not need IDS/IPS for that, nor a special plugin. GeoIP aliases are supported in standard firewall rules.

Set up a free account with MaxMind or IPinfo, navigate to Firewall: Aliases: GeoIP settings, follow the documentation:

https://docs.opnsense.org/manual/aliases.html#geoip

[Diggy]

You do not need IDS/IPS for that, nor a special plugin. GeoIP aliases are supported in standard firewall rules.

Set up a free account with MaxMind or IPinfo, navigate to Firewall: Aliases: GeoIP settings, follow the documentation:

https://docs.opnsense.org/manual/aliases.html#geoip

Thank you for the fast and thorough response.  I will definitely check it out.

[Diggy]

I believe I have it working with IPinfo and I can see it got an initial database update from IPinfo.

Do I have to manually schedule database updates via cron or something similar?  If not, at what interval do updates automatically occur?

[IPinfo]

I work IPinfo. Thank you for using IPinfo!

> Do I have to manually schedule database updates via cron or something similar?  If not, at what interval do updates automatically occur?

You don't need to create your own cron job for IPinfo database updates in OPNsense. OPNsense's integration will automatically refresh the IPinfo database on its own (after you've configured the source URL and it has successfully completed the initial download, a task you have already done).

— Abdullah | DevRel, IPinfo