I have created a firewall rule to allow only four countries based on the IP's geographic location:
(ip.geoip.country ne "US") or (ip.geoip.country ne "GB") or (ip.geoip.country ne "CA") or (ip.geoip.country ne "AU")
Action: BLOCK
While the rule has the intended effect on my primary targets to block (Russian Federation, Ukraine, China, etc.), there are many instances of US IPs being blocked. Ironically, the above firewall rule also blocks Cloudflare’s diagnostic tool, which reports certain errors when the rule is enabled (e.g., no HTTPS redirect). Testing the site with various diagnostics on mxtoolbox.com also shows that another known US-based IP is being blocked by the above rule.
So, what is wrong with the rule? Why is it blocking some US IPs and not others?
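An added example, not part of the original post and not Cloudflare's code: a minimal Python evaluator for the subset of the rule syntax used above (`eq`, `ne`, `and`, `or`, parentheses), run over constructed country codes to show which requests the expression as posted matches, compared with the same comparisons joined by `and`. The function names, the `WITH_AND` variant and the sample list are assumptions made for illustration.

```python
import re

def tokenize(expr):
    # Forum software turned the quotes typographic; normalise before lexing.
    expr = expr.replace("\u201c", '"').replace("\u201d", '"')
    return re.findall(r'\(|\)|"[^"]*"|[A-Za-z_.]+', expr)

def matches(expr, fields):
    """Return True if the expression matches one request's field values."""
    toks, i = tokenize(expr), 0
    def peek():
        return toks[i] if i < len(toks) else None
    def take():
        nonlocal i
        if i >= len(toks):
            raise ValueError("unexpected end of expression")
        i += 1
        return toks[i - 1]
    def atom():
        if peek() == "(":
            take()
            value = either()
            if take() != ")":
                raise ValueError("missing ')'")
            return value
        field, op, literal = take(), take(), take().strip('"')
        if op not in ("eq", "ne"):
            raise ValueError(f"unsupported operator {op}")
        return (fields[field] == literal) == (op == "eq")
    def both():                      # 'and' binds tighter than 'or'
        value = atom()
        while peek() == "and":
            take()
            value = atom() and value
        return value
    def either():
        value = both()
        while peek() == "or":
            take()
            value = both() or value
        return value
    return either()

# The rule as posted, and a hypothetical variant with 'and' between the tests.
AS_POSTED = " or ".join(f'(ip.geoip.country ne "{c}")' for c in ("US", "GB", "CA", "AU"))
WITH_AND = AS_POSTED.replace(" or ", " and ")
SAMPLE = ["US", "GB", "CA", "AU", "RU", "CN"]   # constructed test values

def blocked(expr, countries):
    """Countries whose requests the expression matches (action: BLOCK)."""
    return [c for c in countries if matches(expr, {"ip.geoip.country": c})]
```

A single country code always differs from at least three of the four listed values, so the `or` form matches every entry in `SAMPLE`, while the `and` form matches only `RU` and `CN`. Cloudflare's rule language can also express the allow-list as `not ip.geoip.country in {"US" "GB" "CA" "AU"}`.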