|
OpenBSD Security Functionally paranoid! |
|
Thread Tools | Display Modes |
|
|||
Blocking All Public IPs from a Particular Country
Hi All,
What is the best way of blocking all the public IPs from a particular country? I have more than 200 public IPs to block. I thought of putting all the IPs as a variable and calling it in the blocking rule. Is my thought correct? will that slows down my OpenBSD firewall or have a big impact on the entire firewall's performance ? Thanks |
|
|||
block ip
Table is much faster than variable.
I block all foreign ip cidr's in pf.conf using table which is large and instantaneous. i/we use "block in quick log (all) on fxp0 from !<usip> to any label "foreign" where <usip> is a .csv file of us based cidr's You can update that file as desired. It cuts down the amount of traffic greatly if you r not interested in a non-us based cidr. |
|
|||
Hi Jggimi ,Frcc
Thanks a lot for your information |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Blocking MySpace | roddierod | Other OS | 3 | 12th April 2009 09:39 PM |
PF Blocking VPN Traffic | plexter | OpenBSD Security | 6 | 23rd January 2009 05:25 PM |
pf blocking php mail | ijk | FreeBSD Security | 7 | 30th October 2008 08:33 PM |
PF Blocking | schrodinger | OpenBSD Security | 6 | 6th October 2008 10:33 PM |
FreeBSD and freeze sur "select country" | mjj | FreeBSD Installation and Upgrading | 7 | 18th June 2008 02:16 AM |