Can I confirm that the location block is still only for incoming connections, and not outgoing (initiated by a lan client) as described here: wiki.ipfire.org - Location Block
If this is still the case, is there a particular reason why the location block interface can’t block both incoming and outgoing? This is a feature that is possible with other firewalls, so I’m curious if I’m just missing something obvious.
As described in the wiki.
And from other discussions in the forum.
I do not use the location block.
I made a GEO location group.
To use in the firewall rules.
The location block is to reduce logging in the firewall.
Not of great importance to me.
You’re correct - I see this now. Thank you for clarifying. How embarrassing that I missed that. I’m sorry.
I found myself in the same boat.my guess is that location block probably uses ipsets which are fast, built into Kernel.
Where firewall rules use more processing power.