MontanaBighorn wrote: ↑
Fri Jan 10, 2020 8:56 pm
I'm running a dedicated Windows 2016 Server on a commercial cable connection out of my basement.
Yep, you are "the guy" then.
One approach that comes to mind and could possibly give you more flexibility is to not try and stop it at the router (despite the ways in which it's more optimal that way) and block it at the Windows TCPIP stack itself. Since on the actual Windows machine, you'll have more flexibility to use or create whatever PowerShell or other scripts already exist out there for doing what you want. Which may be more difficult to do at the router, depending on how closed of a system the router is.
Looking for scripts and open projects already built around MaxMind's free databases might reveal useful options. I extended an existing script out there to just delete & update a Windows Firewall rule every day with the blocks and allows I need. Mine are not about "countries" though, and come from a non-MaxMind source.
If you don't mind letting the traffic get all the way to the web server process & phpBB code before becoming rejected, Filter by Country
is an extension in development which is a very convenient way (from a phpBB management perspective) to implement exactly what you're after.
Not sure if Mark has updated yet to solve the fact MaxMind now requires a free registration & access key in order to download. That just happened this month, and is a new requirement for the free MaxMind databases. So you might need to wait for that before trying out the phpBB extension.