Feature request - packet filter by country

I see that ASG can already resolve IPs to the parent country in the Network Security dashboard. It would be really nice if blocking by country was an option in the packet filter.

Greg

Parents

0 BarryG over 16 years ago

FWIW, there are ways to do this manually... You need to find all the IP blocks, and then create definitions and groups for them.

Barry
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 takoateli over 16 years ago in reply to BarryG

FWIW, there are ways to do this manually... You need to find all the IP blocks, and then create definitions and groups for them.

Barry

Barry,

Yeah, I was going to say in that post that I know it is technically doable manually. But have you seen the table of IP ranges you have to block? I don't know if the ASG could even hold that many rules, but if it could, it would still be hours of work and a pain to maintain. A check box for each country would be really nice.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 William Warren over 16 years ago in reply to takoateli

geo location of ips is not foolproof. I am starting to see folks who are blocking in this fashion and wind up blocking entire ranges because one range used to be african but it got moved to japan and vice versa. This is going to become more of an issue with ipv6.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 William Warren over 16 years ago in reply to takoateli

geo location of ips is not foolproof. I am starting to see folks who are blocking in this fashion and wind up blocking entire ranges because one range used to be african but it got moved to japan and vice versa. This is going to become more of an issue with ipv6.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

No Data