Jump to content

Blocking ips

BALTAGY
 Share

Recommended Posts

  • ESET Insiders
BALTAGY

BALTAGY 32

Posted
  • ESET Insiders
Posted (edited)

I tried to block some ips by firewall but i found something

 

When i allow Firefox and then create a rule to block these ips i can open the site normally, but then i remove the allow from Firefox the rule works fine

 

And that ESET Smart Security firewall don't work with rules step by step and i can't move the rule up or down

 

How i can allow Firefox to open any site and block these ips only? and why firewall not working like others firewall to order the rules from up to down?

 

Update:

I find that when i don't choose application for this rule it should apply to all programs but id didn't, when i choose a program like Firefox rule works, so if i can move the rule up without choosing an application will be a good idea to make the rule for all applications

 

Sorry for my bad English and thanks

Edited by BALTAGY
Link to comment
Share on other sites
rugk

rugk 397

Posted
Posted

The way ESS applies the rules is simply to explain: The more specific a rule is the later is the rule applied.

So more general rules should be overridden by more specific rules.

 

And if it really shouldn't work you could also use block the sites/IPs by the web protection.

Link to comment
Share on other sites
  • ESET Insiders
BALTAGY

BALTAGY 32

Posted
  • Author
  • ESET Insiders
Posted

I have two rules one for Firefox that allow it to connect to all and a rule to block ips for all programs

If i unchecked Firefox rule, ip rule works fine and if i choose Firefox in ips rule it work

 

In firewall if i can move the rule up and down i can make the ips rule to all programs and move it up of Firefox or any program rule so i can make it apply for these rules

 

If i can't move the rule up or down i must make a rule for each program, Example if i want this ips rule to apply for Firefox and IE i must make two rules for each of them, so moving the rule up or down is better in my opinion

Link to comment
Share on other sites
rugk

rugk 397

Posted
Posted

Yes I would also like it if you could in some way prioritise and I already suggested this a quite long time ago. How it works (with sorting the rules or whatever) is not such important, but if it would be possible it would be great.

 

So in your case maybe the rule for "Firefox - all all connection" is considered as a more general than the rule "All applications - block access to IP01, IP02, ...", so maybe it could work if you try to make the second rule more specific. So maybe change the second rule, so that it also applies to Firefox, i.e. "Firefox - block access to IP01, IP02, ..." is maybe more specific.

Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 4,718

Posted
  • Administrators
Posted

Perhaps you could export your configuration and send me the xml via a pm so that I can check the rules you have created.

Link to comment
Share on other sites
  • ESET Insiders
BALTAGY

BALTAGY 32

Posted
  • Author
  • ESET Insiders
Posted

Perhaps you could export your configuration and send me the xml via a pm so that I can check the rules you have created.

PM sent

Link to comment
Share on other sites
  • ESET Insiders
BALTAGY

BALTAGY 32

Posted
  • Author
  • ESET Insiders
Posted

Try creating a copy of the blocking rule but specifically for firefox.exe as application.

When i do that it work, what i'm saying if i can move the rule up the rule will be for all programs better than creating a rule for each program

 

Moving rules up or down makes you can control more

Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 4,718

Posted
  • Administrators
Posted

 

Try creating a copy of the blocking rule but specifically for firefox.exe as application.

When i do that it work, what i'm saying if i can move the rule up the rule will be for all programs better than creating a rule for each program

Moving rules up or down makes you can control more

 

In case you haven't seen Endpoint Security v6, it has a firewall which evaluates rules in the order that you can customize. This will be possible in ESS v9 too.

Link to comment
Share on other sites
  • ESET Insiders
BALTAGY

BALTAGY 32

Posted
  • Author
  • ESET Insiders
Posted

 

 

Try creating a copy of the blocking rule but specifically for firefox.exe as application.

When i do that it work, what i'm saying if i can move the rule up the rule will be for all programs better than creating a rule for each program

Moving rules up or down makes you can control more

 

In case you haven't seen Endpoint Security v6, it has a firewall which evaluates rules in the order that you can customize. This will be possible in ESS v9 too.

 

Ok i will wait v9 beta to test then, Thanks

Link to comment
Share on other sites
rugk

rugk 397

Posted
Posted

WOW, some information about v9...

Nice! :D

 

Let's see how fast it will spread. :)

 

BTW this nice is a very nice one.

I only hope that the rules (I mean the exported XML files with v8) will still be compatibly with v9, so I don't have to create them again. But however, we will see... :)

Link to comment
Share on other sites
SweX

SweX 871

Posted
Posted

WOW, some information about v9...

Nice! :D

They talk way too much about V9 people will start thinking there's something wrong with the quiet clam  :ph34r:

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...