some time has passed since my last post regarding the GeoIP support for IPFire. In the meantime the funding on the IPFire wishlist hit its goal. Big thanks to all contributors!
For all of you who are desperately waiting for this feature being implemented, there is exciting news:
Development has finished and first tests have been done. Some minor bugs where found and have been fixed. To get this new feature upstream and shipped with one of the next Core Updates there is still a lot more testing required. Therefore I need the help of the IPFire community.
Joining the testing team is a pretty simple task. At first I suggest to everyone to subscribe to the development mailing list to get informed about updated test versions, share experience or simple to get noticed about future developments.
Please follow the next instructions to install the test version:
tar -xvf ipfire-geoip-001.tar.gz -C /.
As an alternative to prevent a reboot, the firewall can be restarted with
/etc/init.d/firewall restart and the databases can be manually downloaded by executing
After reboot just get back into the web user interface. You will find a new menu entry in the “Firewall” section called “GeoIP-block” which can be used for a fast and easy blocking of incoming traffic from certain countries.
The “Firewall Groups” section has been enhanced to allow creating groups of countries. These groups or even single countries can be used while creating any kind of individual firewall rules on your system.
As usual please send your feedback to our development mailinglist and file any kind of bugs on our bugtracker.
Posted: March 12, 2015 • 2280 views