DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
Filtering: How to get multiple rules to work together
- jkbrennan
- Topic Author
- Offline
- New Member
Less
More
- Posts: 2
- Thank you received: 0
16 May 2009 00:01 #55813
by jkbrennan
Filtering: How to get multiple rules to work together was created by jkbrennan
Hi All,
I’ve spent quite a bit of time lately trying to understand the way the filtering works on our 2820.
From other posts I established that I should set up a ‘Block if no further match’ rule first and then other rules to allow traffic
So in Set 2 (the first data filter set) I have:
[Block if no further match] [IP of the test computer] Branch to Set 5
In Set 5, I set up a number of rules – some for URL content some for Web content, all configured to ‘Pass if no further match’
What I discovered was that only the first rule is effective. It didn’t matter whether it was a URL or a Web content type.
So how do I get multiple rules to work together in a Filter set? If I add a ‘Block if no further match’, rule into the middle of it, I get ‘Page won’t load’ errors.
John
I’ve spent quite a bit of time lately trying to understand the way the filtering works on our 2820.
From other posts I established that I should set up a ‘Block if no further match’ rule first and then other rules to allow traffic
So in Set 2 (the first data filter set) I have:
[Block if no further match] [IP of the test computer] Branch to Set 5
In Set 5, I set up a number of rules – some for URL content some for Web content, all configured to ‘Pass if no further match’
What I discovered was that only the first rule is effective. It didn’t matter whether it was a URL or a Web content type.
So how do I get multiple rules to work together in a Filter set? If I add a ‘Block if no further match’, rule into the middle of it, I get ‘Page won’t load’ errors.
John
Please Log in or Create an account to join the conversation.
- middling
- Offline
- Junior Member
Less
More
- Posts: 35
- Thank you received: 0
16 May 2009 06:26 #55814
by middling
Replied by middling on topic Filtering: How to get multiple rules to work together
The firewall filtering system is currently broken so there is no way to do what you want.
You'll have to wait for Draytek to fix it and issue a new firmware (though it's been 6 months since i first posted about this problem so don't hold your breath).
You'll have to wait for Draytek to fix it and issue a new firmware (though it's been 6 months since i first posted about this problem so don't hold your breath).
Please Log in or Create an account to join the conversation.
- louis-m
- Offline
- Member
Less
More
- Posts: 131
- Thank you received: 0
16 May 2009 17:24 #55820
by louis-m
2820 = 3.3.2_RC5
2950 = 3.2.4
Replied by louis-m on topic Filtering: How to get multiple rules to work together
has anybody here got the web content filter by itself to work?
the url content filter works on the 2820 but it appears that the web content filter doesn't even though it categorises sites.
the url content filter works on the 2820 but it appears that the web content filter doesn't even though it categorises sites.
2820 = 3.3.2_RC5
2950 = 3.2.4
Please Log in or Create an account to join the conversation.
- jkbrennan
- Topic Author
- Offline
- New Member
Less
More
- Posts: 2
- Thank you received: 0
16 May 2009 23:04 #55824
by jkbrennan
Replied by jkbrennan on topic Some conclusions
Thank you very much Middling for informing me about this state of affairs (I guess I didn’t dig far enough back into the forum entries). Kind of a relief to know this. I was beginning to think my head was sort of broken! Rather slack that they are taking so long to fix a rather important part of the feature set.
So, I conclude that multiple rules only function if scheduled at different times. Any overlapping of times will result in most of the rules further down the chain becoming ineffective.
Louis, I have got the content filter to work. Our main need here is remove sexual related content, and so having added a Web content filter profile in the CSM section, I went to the Firewall General Setup page, and updated the Web content field of the ‘Actions for the default rule’ section. However, with the tendency for one filter to undermine another, I have also added this web content block to other filter rules as well (where for example I had a URL filter rule loaded, I’ve added this Web content filter rule also). I recommend that you always test that your blocks remain in effect after making *any* change
I have also played with a few other Web content filters when I tried to set up a white list for my son. Lots of sites aren’t categorized, which is not a surprise. Anything that is part of a government site (even if it has nothing to do with politics), gets blocked if the ‘politics’ option is set to block.
So, I conclude that multiple rules only function if scheduled at different times. Any overlapping of times will result in most of the rules further down the chain becoming ineffective.
Louis, I have got the content filter to work. Our main need here is remove sexual related content, and so having added a Web content filter profile in the CSM section, I went to the Firewall General Setup page, and updated the Web content field of the ‘Actions for the default rule’ section. However, with the tendency for one filter to undermine another, I have also added this web content block to other filter rules as well (where for example I had a URL filter rule loaded, I’ve added this Web content filter rule also). I recommend that you always test that your blocks remain in effect after making *any* change
I have also played with a few other Web content filters when I tried to set up a white list for my son. Lots of sites aren’t categorized, which is not a surprise. Anything that is part of a government site (even if it has nothing to do with politics), gets blocked if the ‘politics’ option is set to block.
Please Log in or Create an account to join the conversation.
- louis-m
- Offline
- Member
Less
More
- Posts: 131
- Thank you received: 0
17 May 2009 20:59 #55839
by louis-m
2820 = 3.3.2_RC5
2950 = 3.2.4
Replied by louis-m on topic Filtering: How to get multiple rules to work together
i'm using 3.3.2_RC1. the web content side just doesn't want to work. it does something as you can see the page loading slower which would suggest some sort of checking is happening but the filter isn't being applied.
2820 = 3.3.2_RC5
2950 = 3.2.4
Please Log in or Create an account to join the conversation.
Moderators: Chris, Sami
Copyright © 2024 DrayTek