First, lets have a look at the apps that are available, and the one we are specifically looking at today. All of these applications have a great usage purpose, in particular Application Control and Web Filter which you can find in our Untangle review.
For this post, we are focusing on the Firewall application and blocking countries, mainly as we want to keep this short and to the point. Many other features are available.
IMPORTANT! It is important to note, this firewall is in addition to the firewall that is prebuilt into Untangle. You will be protected from day 1 with Untangle, but only at a lower network layer.
Enabling The Firewall
First, lets enable the firewall. Very simple to do, but first I would advise heading into the rules, and making sure that nothing is enabled that may immediately effect your live environment and cause the phones to ring.
Enabling The Rule
Once enabled, lets head into the rules section, of course I have removed the rules below for security reasons:
Blocking Countries (If Not)
Now the easiest way to complete this task IF you want to block more countries that you allow, if to create a rule which is based on if “Client Country” IS NOT. However, be careful! You have to also include XL, which is local, to allow local subnets to connect to the firewall, otherwise your internal network will lose internet access.
Blocking Countries (If)
On the flip side of the above, you may only have the requirement to block individual countries, lets say you trade with all but 2 countries. To achieve this, you wouldn’t action the above, but you would add a “Client Country” is rule, and therefore on this rule, DO NOT include XL (local) otherwise you will block internal internet traffic.
One thing to be aware of, bypass rules inside Config > Networking. These rules will bypass all application rules, including your firewall. Therefore, if you have the rule below, this will mean that traffic is allowed and will not be blocked by your rules above.
Blocking countries that do not require access to your network, for me, is a must. It is simple to complete on most modern firewalls, and of course instantly restricts potential unwanted visitors. Also, when you enable this function and review the logs, don’t panic! You can now simply see what was happening the whole time, but now you are blocking it!