Re: PF rules to block out every IP from a given country

2022-12-07 Thread Frank Habicht
Hi, On 07/12/2022 18:36, Peter N. M. Hansteen wrote: ...> and can now be found at https://nxdomain.no/~peter/ripe2cidr_country.sh.txt -- as it says in the script itself, a trivial hack. And I might add, it comes with *NO* warranties of any kind. I think instead of : grep allocated in the two

Re: PF rules to block out every IP from a given country

2022-12-07 Thread Stuart Henderson
On 2022-12-07, Peter N. M. Hansteen wrote: > On Wed, Dec 07, 2022 at 10:28:27AM +1100, Damian McGuckin wrote: >> >> Has anybody created rules such as this and if so, do you have an example? > > As others have already indicated, the PF way to do anything like this would be > to generate a list of

Re: PF rules to block out every IP from a given country

2022-12-07 Thread Peter N. M. Hansteen
On Wed, Dec 07, 2022 at 10:28:27AM +1100, Damian McGuckin wrote: > > Has anybody created rules such as this and if so, do you have an example? As others have already indicated, the PF way to do anything like this would be to generate a list of addresses and networks you want to address (block in

Re: PF rules to block out every IP from a given country

2022-12-07 Thread Muhammad Muntaza
On Wed, 7 Dec 2022 at 08.55 Damian McGuckin wrote: > > Has anybody created rules such as this and if so, do you have an example? > > Stay safe - Damian > Check this Example: https://www.muntaza.id/pf/2020/02/03/pf-firewall-bagian-kedua.html I write in Indonesia, you can use Google Translate to

Re: PF rules to block out every IP from a given country

2022-12-06 Thread Craig Schulz
Take a look at PF-Badhost. Here is a decent write-up: https://undeadly.org/cgi?action=article;sid=20210119113425 Craig > On Dec 6, 2022, at 18:28, Damian McGuckin wrote: > > > Has anybody created rules such as this and if so, do you have an example? > > Stay safe - Damian > > Pacific Engin

Re: PF rules to block out every IP from a given country

2022-12-06 Thread All
Considering you solved the issue with getting all IPs for a given country correctly (and perhaps updating it sometimes): 1. Dump all IP addresses/ranges into a file (eg. blocked.ips) 2. add table fileĀ  /path/to/blocked.ips add "persist" if you want. 3. create rule to block all incoming connections

PF rules to block out every IP from a given country

2022-12-06 Thread Damian McGuckin
Has anybody created rules such as this and if so, do you have an example? Stay safe - Damian Pacific Engineering Systems International, 277-279 Broadway, Glebe NSW 2037 Ph:+61-2-8571-0847 .. Fx:+61-2-9692-9623 | unsolicited email not wanted here Views & opinions here are mine and not those of