Setting up pfblockerng’s geo location blocking and blocking pretty much the world short of USA and Canada, got to the last tab of proxy and satellite… I’m guessing proxy should get blocked because any good attacker is probably going through a proxy, but what about satellite?
I hesitate to block this because I’ve been on a satellite service before, and very possibly will again when Starlink get operational (tired of the slow upload from Spectrum, truly shameful).
I’m also guessing that attackers are not spending the money for satellite service, typically kind of spendy and slow-ish. What do others think?
Block it, if it causes you issues unblock it.
Alright, seeing an error I don’t understand
There were error(s) loading the rules: /tmp/rules.debug:35: cannot define table pfB_Oceania_v4:
Cannot allocate memory - The line in question reads : table <pfB_Oceania_v4> persist file
"/var/db/aliastables/pfB_Oceania_v4.txt" @ 2020-05-29 17:30:39
I have 24GB of RAM in this box. What I also don’t get and haven’t researched yet, is that the config pages say not to block the globe, better to permit specific areas. What I don’t see is a way to blacklist everything so that I can permit the specific areas of the world that I want open.
I also must have something wrong somewhere, it is not blocking things from other countries on the ports that I have forwarded to servers which is specifically one of the features that I thought it was supposed to block. Obviously need to do more reading, but if anyone can help, it would be welcome. Going to turn it off for right now, things running out of memory could cause a problem.