Welcome, Guest. Please login or register.
Did you miss your activation email?
Tuesday 26 November 2024, 09:29:21 am

Login with username, password and session length

CLICK HERE for the The official Endian Roadmap and Issue tracker
14261 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  EFW SMTP, HTTP, SIP, FTP Proxy Support
| | |-+  EFW 2.4 - Cannot use multple content filters in http proxy
0 Members and 0 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: EFW 2.4 - Cannot use multple content filters in http proxy  (Read 12039 times)
S3@N
Full Member
***
Offline Offline

Posts: 11


« on: Wednesday 02 June 2010, 10:23:45 pm »

Using EFW 2.4 Community Edition I have set up two contentfilter profiles.  These each have one blacklisted site specified.  I then set up 2 access policies, one for each filter with ANY source, destination and user agent, always active an no authentication.  In testing I find that whichever filter is listed in the first access policy takes effect, the second does not - i.e. I am able to reach a site blacklisted by the second access policy in the list.

Is this a bug, limitation or have I misconfigured somewhere?  If so what should I look at?

Thanks
Logged
mrkroket
Hero Member
*****
Offline Offline

Posts: 495


« Reply #1 on: Thursday 03 June 2010, 07:49:23 am »

First rule is allowing your domains blacklisted in contentfilter2. It's a misconfig because rule #2 makes no sense.
Rule 1 with contentfilter1 means: Allow all traffic except those blacklisted on the contentfilter1.
As soon as one HTTP request meets a rule, it stops analyzing further rules.
So rule 2 will never be fired, rule 1 "eats" all the traffic.

Logged
S3@N
Full Member
***
Offline Offline

Posts: 11


« Reply #2 on: Thursday 03 June 2010, 06:11:28 pm »

OK - makes sense.  My (incorrect) assumption was that it would try rules in turn until it was blocked.  So I guess that any rule that qualifies w.r.t source, destination, agent, authentication and time will be tried and the traffic passed or blocked depending on the result. 

Thanks for the reply!
Logged
whoiam55
Full Member
***
Offline Offline

Posts: 71



WWW
« Reply #3 on: Friday 04 June 2010, 01:23:40 am »

OK - makes sense.  My (incorrect) assumption

That's why they say, don't assume, it make fool of both coz assume literally means /U/ME Wink
Logged

सत्यमेव जयते!
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.078 seconds with 19 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com