Can someone doublecheck my Firewall Rule please?

I changed my firewall to block all traffic that is not US, Canada, Mexico and some US territories. But I realized that I should not block known bots from any country, so I added one more line to my rule’s block criteria (Known Bots equal Off), which resulted in the following expression:

(ip.geoip.country ne “US” and ip.geoip.country ne “PR” and ip.geoip.country ne “UM” and ip.geoip.country ne “GU” and ip.geoip.country ne “AS” and ip.geoip.country ne “CA” and ip.geoip.country ne “MX” and not cf.client.bot)

It seems correct, but would like to get confirmation from someone here. This should block all traffic that is not one of the specified countries, unless it is a Known Bot. Right?

Thanks!

Here’s a screenshot of how the rule setup looks.

Looks all right, though I’d use in

(not ip.geoip.country in {"AS" "CA" "GU" "MX" "PR" "UM" "US"} and not cf.client.bot)

Great, thanks Sandro. Question though: I built this using the dialog. That resulted in the expression it built below it. What happens if I enter your expression into the expression box directly? What happens to the dialog above it? Do I need to undue all the dialog lines?

When you click on Edit expression it will hide all the expression builder part.

Then you can paste the rule directly in the box, you can even use back the link Use the expression builder and it will update the builder accordingly to what you have pasted, so you don’t have to worry about this.

Thank you so much for you help. Much appreciated!