On Fri, Nov 26, 2010 at 01:19:15PM +0100, Eugen Leitl wrote: > > I have a single (OS X) box on home LAN, which I would like > to block all traffic against a specific country, or several > countries. > > There's a pfSense 2.0 package for that (which I haven't been > able to make to work yet), but it blocks everything entirely. > > Can pfSense do this, or should I try improvising something > on the OS X box with its native firewalling?
A single country block takes about 20 k lines of CIDR network notation. Apparently it's possible to produce ipfw rules via a script http://macscripter.net/viewtopic.php?id=19701 for OS X. It would be nice to be able to process ~20k lines worth of CIDR into a single alias. Would that work? -- Eugen* Leitl <a href="http://leitl.org";>leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
