Network Security: Split Country Blocking to Inbound/Outbound
I need to block countries inbound but need to allow for all users to outbound to anywhere. Please change the single check box per country to a double check box, one for outbound blocking and one for inbound blocking. This way I can block certain countries from trying to contact (hack) us but allow all internal users to go anywhere externally. I like the idea of country blocking for security but it is unuseable for us as internal users cannot be restricted outbound
I'm sure this has been mentioned before, but just want to grumble about the default behavior for CB. IMHO, it should NOT be blocking all packets, just inbound connection requests. There are a lot of places that serve up data via different servers in different countries, and you can't always tell from the URL, until someone complains that 'I cannot download Skype' or whatever. If you don't want to change the default behavior, then please at least add a switch to select it?
This feature has been released as part of UTM 9.1. Enjoy!