Block All countries except ...
Posted: Sat Mar 02, 2024 10:37 pm
by sadjoe
Hi everyone,
Can someone more familiar tell me whether the following is already available:
- fetch the latest data from RIPE (most secure place) -
https://ftp.ripe.net/pub/stats/ripencc/2024/
- rewrite the file in a MikroTik-compatible format - something like
"add address=1.0.0.0/24 comment="United States of America" list=GeoIPBlocked"
- block all types (TCP and UDP) of incoming traffic (on all ports) to WAN for all countries except (for example) Bulgaria, Germany and UK
Google, NTP servers and so on can be excluded (don't know how)
Thank you in advance.
Re: Block All countries except ...
Posted: Sun Mar 03, 2024 9:46 am
by baragoon
If your router is able to process a million address-list rules, it will work.
https://mikrotikconfig.com/firewall/
Re: Block All countries except ...
Posted: Sun Mar 03, 2024 12:10 pm
by sas2k
Already done by other people.
https://blog.erben.sk/2014/02/06/countr ... ip-ranges/
Re: Block All countries except ...
Posted: Sun Mar 03, 2024 1:08 pm
by sadjoe
It doesn't work anymore.
> Already done by other people.
> https://blog.erben.sk/2014/02/06/countr ... ip-ranges/
I am not sure where he gets the CIDRs and whether they are up to date.
Re: Block All countries except ...
Posted: Sun Mar 03, 2024 1:16 pm
by msatter
If the allow list is smaller than the block list, then allow followed by a general block entry.
Re: Block All countries except ...
Posted: Sun Mar 03, 2024 1:19 pm
by baragoon
> It doesn't work anymore.
That's not true, the lists are successfully generated.
Re: Block All countries except ...
Posted: Sun Mar 03, 2024 1:59 pm
by sadjoe
> > It doesn't work anymore.
> That's not true, the lists are successfully generated.
Yesterday I checked, generated all countries except 3.
Nothing happened, so for me it's not working.
> If the allow list is smaller than the block list, then allow followed by a general block entry.
This has nothing to do with what I am saying. CIDRs are changed every month and the only real trustee here is RIPE.
Re: Block All countries except ...
Posted: Sun Mar 03, 2024 2:55 pm
by anav
What makes you think bad actors don't use botnets in other countries? So, for example, if I was to attempt hacking I would do it from benign countries like Canada LOL.
My IP would not be North Korea...
Re: Block All countries except ...
Posted: Sun Mar 03, 2024 7:02 pm
by msatter
> > If the allow list is smaller than the block list, then allow followed by a general block entry.
> This has nothing to do with what I am saying. CIDRs are changed every month and the only real trustee here is RIPE.
OK, simpler then. Which list would be larger?
Three countries, or all countries minus three countries...
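As an added example that is not from any poster in this thread: a Python sketch of the conversion asked for in the first post, built as the small allow list msatter suggests rather than a block list of every other country. It assumes the pipe-delimited RIR "delegated" statistics layout (registry|cc|type|start|value|date|status), where the IPv4 value is an address count rather than a prefix length and the United Kingdom appears as GB; the list name GeoIPAllowed, the function names and the sample records (documentation ranges) are made up for illustration.

```python
import ipaddress

# Constructed sample records (documentation address ranges, not real allocations).
SAMPLE = """\
2|ripencc|20240302|4|19830705|20240301|+0100
ripencc|*|ipv4|*|3|summary
# constructed comment line
ripencc|BG|ipv4|192.0.2.0|256|20100101|allocated
ripencc|DE|ipv4|198.51.100.0|192|20100101|assigned
ripencc|FR|ipv4|203.0.113.0|256|20100101|allocated
ripencc|GB|ipv6|2001:db8::|32|20100101|allocated
"""

def allowed_networks(text, allowed):
    """Return (country, IPv4Network) pairs for the allowed country codes."""
    nets = []
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        f = line.split("|")
        # Skips the version header, summary lines, IPv6/ASN records
        # and countries that are not on the allow list.
        if len(f) < 7 or f[2] != "ipv4" or f[1] not in allowed:
            continue
        if f[6] not in ("allocated", "assigned"):
            continue
        first = ipaddress.IPv4Address(f[3])
        last = first + (int(f[4]) - 1)   # value is a count of addresses
        # A count such as 192 is not a power of two, so one record
        # can expand into several CIDR blocks.
        for net in ipaddress.summarize_address_range(first, last):
            nets.append((f[1], net))
    return nets

def to_routeros(nets, list_name="GeoIPAllowed"):
    """Render the networks as RouterOS address-list commands."""
    lines = ["/ip firewall address-list"]
    lines += [f'add address={net} comment="{cc}" list={list_name}'
              for cc, net in nets]
    return "\n".join(lines)

if __name__ == "__main__":
    print(to_routeros(allowed_networks(SAMPLE, {"BG", "DE", "GB"})))
```

The RIPE NCC file only lists resources delegated by RIPE NCC, and the country code is the one registered for the resource, so the output is a registration-based list rather than a geolocation of where traffic originates.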