[PROBLEM]
Contry Block seems to think that these IP(15.219.163.254) are not in the USA.
[MY CONFIGURATION]
Firmware version: 9.107-33
Pattern version: 57696
[x] Country blocking is ENABLED
[FROM]North America #block all traffic from North America ...except
[off] United States
[off] Canada
# after setting USA and CAN to 'off' the group(NorthAmerica) shows as "---"
CPU: 20% ±5
Mem: 17% of 2GB
[RESULTS]
Attempts to SSH(22) into my network gets dropped: 'Dropped GEOIP'
2014:03:04-04:14:51 PASCAL ulogd[4300]: id="2021" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped (GEOIP)" action="drop" fwrule="60019" initf="eth0" outitf="eth1" srcmac="60:73:5c:x:x:x" dstmac="0:22:4d:x:x:x" srcip="15.219.163.254" dstip="192.168.x.x" proto="6" length="52" tos="0x00" prec="0x00" ttl="110" srcport="26325" dstport="22" tcpflags="SYN"
However GeoIP tool indicates that the ip is in California_USA.
View my IP information: 15.219.163.254 - Geo IP Tool
[WHAT HAVE I DONE?]
<> I've added a country blocking exception to (ALL countries -including UnitedStates)
for request coming from these: network(15.219.163.0/24), services(any)
>> It did not postively change the results.
[QUESTION TIME]
Q: Is there a way to query what country Astaro thinks a particular IP is?
Q: Why does Astero think that 15.219.163.x isn't in the UnitedStates?
I've read the sticky RE: broken GeoIP Exceptions not working.. I've tried my config with out and with. No change in results. IMHO: i shouldn't need an exception if all traffic from US is permitted.
This thread was automatically locked due to age.
