Hey all!
I have a gerneral question about the GeoIP Block database.
First: I am still running the version 2.23 core 139. The GeoIP Block setting blocks each country - accept of Germany.
Since one week I have I have two portscanners “hitting” the ipfire and get rejected:
45.136.109.251
45.136.110.25
As I checked the last time it was the network of the company COMTRADE LLC in Nürnberg/Germany - so far so normal that the GEOIP Block will not catch it.
Know I checked both IPs again and the are part of the OOO Network of data-centers Selectel in Moscow/Russia.
Shouldnt the GeoIP Block catch this before it hits the firewall?
Is this due to the outdated IP database in my core update? (You guys mentioned something like this some weeks ago?)
Thanks in advance!
Kind regards,
Andreas