Location Block not Blocking Checked Location

Hi,

I am getting dropped attempts logged from all over the world.

first: Why do you even worry about them? Those packets were dropped, so they do not present any danger at all.

I tested as follows:
Set up rule for IPFire web admin from my country on Red.
Connect to firewall web interface via mobile phone 4G (same country). Disconnect.
From Green LAN, block my country in Location Block, apply firewall rule update.
Attempt web admin login from mobile (Red) again. Still works.
Waited some time for existing connections to drop, re-tried, still works.
Previously having a location blocked would override any firewall rule using that country.
Similarly, having all countries blocked, there would be very few dropped attempts logged.

This sounds like there is something wrong entirely on your system, whereas in this thread, it looks like at least some parts of the location database are working. Could you please up another thread for your problem?

Seems like location blocking not working.

Since you have already ranted in another thread about this, I cannot resist responding: You are absolutely free to build your own location database from scratch (@ms literally worked weeks on this, and I have spent hours on the phone with him to get to the point where we are, but hey) and do things better.

Do you think we did this voluntarily?! The GeoIP database was terrible enough, out-dated and we were facing licensing issues with it. Changing to another proprietary provider is not a sustainable solution.

Unless you provide a proposal to do this better, please go rant somewhere else.

Thanks, and best regards,
Peter Müller

1 Like