New blog post: GeoIP-Aware Firewalling with PF on FreeBSD
Running a mail server means constant brute-force attempts. My solution: geographic filtering. SMTP stays open for global mail delivery, but client ports (IMAP, Submission, webmail) are restricted to Central European IP ranges only.
Result: ~90% reduction in attack logs, cleaner signal-to-noise ratio, smaller attack surface.
Using MaxMind GeoLite2 + PF tables with ~273k CIDR blocks.
https://blog.hofstede.it/geoip-aware-firewalling-with-pf-on-freebsd/
#FreeBSD #InfoSec #SysAdmin #pf #DevOps
Larvitz
npub1ue…qjlwv
2026-01-13 17:34:53 UTC
Author Public Key
npub1ueuurfmw4jgtz5uf3sxwcxdxvz8yx8a7yldnu5cyfwmlt55qz5tslqjlwvSeen on
wss://relay.momostr.pinkPublished at
2026-01-13 17:34:53 UTCEvent JSON
{
"id": "662dd5357c8943fda3070487c26e2142156d8f2c2b1aa55f299a49833f24e265",
"pubkey": "e679c1a76eac90b153898c0cec19a6608e431fbe27db3e53044bb7f5d2801517",
"created_at": 1768325693,
"kind": 1,
"tags": [
[
"t",
"sysadmin"
],
[
"t",
"pf"
],
[
"t",
"freebsd"
],
[
"proxy",
"https://mastodon.bsd.cafe/@Larvitz/115888992652791291",
"web"
],
[
"t",
"devops"
],
[
"t",
"infosec"
],
[
"proxy",
"https://mastodon.bsd.cafe/users/Larvitz/statuses/115888992652791291",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://mastodon.bsd.cafe/users/Larvitz/statuses/115888992652791291",
"pink.momostr"
],
[
"-"
]
],
"content": "New blog post: GeoIP-Aware Firewalling with PF on FreeBSD\n\nRunning a mail server means constant brute-force attempts. My solution: geographic filtering. SMTP stays open for global mail delivery, but client ports (IMAP, Submission, webmail) are restricted to Central European IP ranges only.\n\nResult: ~90% reduction in attack logs, cleaner signal-to-noise ratio, smaller attack surface.\n\nUsing MaxMind GeoLite2 + PF tables with ~273k CIDR blocks.\n\nhttps://blog.hofstede.it/geoip-aware-firewalling-with-pf-on-freebsd/\n\n#FreeBSD #InfoSec #SysAdmin #pf #DevOps",
"sig": "9bfb446a9dfc6b4a2c9e96f316022d1fcbc1de5c2fe7ff4635385c3400f2fe1cac3e94074076492a01456ef1a36334aad57ddbfc30904919d428172ef509f6ea"
}