Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
18.1 Legacy Series
»
GeoIP aliases not correctly updated.
« previous
next »
Print
Pages: [
1
]
Author
Topic: GeoIP aliases not correctly updated. (Read 2879 times)
lelanta
Newbie
Posts: 1
Karma: 0
GeoIP aliases not correctly updated.
«
on:
June 27, 2018, 12:42:37 pm »
Hello,
I use production version up to date to 18.1.10.
I defined severals aliases based with geoip countries to restrict wan lan and dmz accesses.
To optimize this config aliases are defined like this.
1- allow some countries from europe
2 - disallow the rest of world.
All works fine except when i modify the aliases (countries included in aliases)
Example :
In my Europe allowed alias i check a new country aallowed, save the alias and save also the rules which use this alias to update the pftable.
When i look the pktable content to verify the modification, content is not updated and the rule is now wrong.
Is i do a mistake or is there is a problem with real-time update of pftables or other kind of error ?
I use this procedure to allow or disallow one or more countries for a small lap of time (temporary access to a country)
Second question : Is there a plugin or procedure to block in realtime an ip in response to an event (DDOS or ...) like fail2ban does with iptables and ipset tables.
thanks to your help
Best regards to all
Thanks fo
Logged
Security is not a true science and most of problems come from errors or misconfiguration built between chair and keyboard....
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
18.1 Legacy Series
»
GeoIP aliases not correctly updated.
