Title: EFW 2.4 - Cannot use multple content filters in http proxy Post by: S3@N on Wednesday 02 June 2010, 10:23:45 pm Using EFW 2.4 Community Edition I have set up two contentfilter profiles. These each have one blacklisted site specified. I then set up 2 access policies, one for each filter with ANY source, destination and user agent, always active an no authentication. In testing I find that whichever filter is listed in the first access policy takes effect, the second does not - i.e. I am able to reach a site blacklisted by the second access policy in the list.
Is this a bug, limitation or have I misconfigured somewhere? If so what should I look at? Thanks Title: Re: EFW 2.4 - Cannot use multple content filters in http proxy Post by: mrkroket on Thursday 03 June 2010, 07:49:23 am First rule is allowing your domains blacklisted in contentfilter2. It's a misconfig because rule #2 makes no sense.
Rule 1 with contentfilter1 means: Allow all traffic except those blacklisted on the contentfilter1. As soon as one HTTP request meets a rule, it stops analyzing further rules. So rule 2 will never be fired, rule 1 "eats" all the traffic. Title: Re: EFW 2.4 - Cannot use multple content filters in http proxy Post by: S3@N on Thursday 03 June 2010, 06:11:28 pm OK - makes sense. My (incorrect) assumption was that it would try rules in turn until it was blocked. So I guess that any rule that qualifies w.r.t source, destination, agent, authentication and time will be tried and the traffic passed or blocked depending on the result.
Thanks for the reply! Title: Re: EFW 2.4 - Cannot use multple content filters in http proxy Post by: whoiam55 on Friday 04 June 2010, 01:23:40 am OK - makes sense. My (incorrect) assumption That's why they say, don't assume, it make fool of both coz assume literally means /U/ME ;) |