> I've been reading Jacek's book on pf but haven't
> found a way to block packets on the basis of the
> country of origin. Is it that possible in pf?

Yes, but you'll need to define what IP blocks you want blocked
yourself. I have resorted to this myself to stop certain known spam
havens from hitting some of my servers. I have a pf table
/etc/tables/spammers that does just that.

Then just add a table definition line and one simple pf rule as such:

--------------
....
table <spammers> persist file "/etc/tables/spammers"
....
block in log quick on $ext from <spammers> to any
....
--------------

In that table are subnets of all the IP blocks I want to consider as
spam havens to block.

One starting point for you to consider in your quest for IP lists is
/etc/spamd.conf which has URLs of places to get IP lists to
block--some of them are national. These lists can make the foundation
of what you're after I imagine.

Kevin






--
http://www.ebiinc.com -
Background Screening from EBI
Corporate background checks and drug testing, worldwide.