Post · bonfire.cafe

Post

Log in

New blog post: GeoIP-Aware Firewalling with PF on FreeBSD

Running a mail server means constant brute-force attempts. My solution: geographic filtering. SMTP stays open for global mail delivery, but client ports (IMAP, Submission, webmail) are restricted to Central European IP ranges only.

Result: ~90% reduction in attack logs, cleaner signal-to-noise ratio, smaller attack surface.

Using MaxMind GeoLite2 + PF tables with ~273k CIDR blocks.

https://blog.hofstede.it/geoip-aware-firewalling-with-pf-on-freebsd/

#FreeBSD #InfoSec #SysAdmin #pf #DevOps

GeoIP-Aware Firewalling with PF on FreeBSD | Larvitz Blog

Using MaxMind’s GeoLite2 database with FreeBSD’s PF firewall to restrict client-facing services to specific countries, reducing brute-force attempts and log noise while keeping essential services globally accessible.

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances

Bonfire social · 1.0.1-beta.35 no JS en

Automatic federation enabled

Log in