Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 6 subscribers
  • Views 6001 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Webfilter seemingly prioritizing Base Policy over custom policies

Acaelus

I am having an issue where despite having a filter setup to prevent my children from acessing anything except their school work (which worked for several months without issue). They are now able to access all websites without an issue, and I cannot figure out what seems to be causing it.

At the top of the image below you can see 'General Restrictions' at the top which is specific to my children's subnet. Below it is a general catch-all set of rules for all devices and of course then the 'Base Policy' at the bottom. As I understand it it should be processed in that order as well - which it has been doing.

sophos1.jpg

So let's click on the General Restrictions profile that is supposed to apply to my children's subnet. The Kid's Zone is a /24 subnet that is staticly defined by host mac addresses under the network definitions and distributed via DHCP to all of their computers / devices. Rules are applied based on IP / Subnet. Everything looks fine here.

sophos2.jpg

We'll take a quick look at the policies and see that the profile 'Kids Must Sleep' comes first which applies the default block action to all traffic from their subnet  between 2100 and 0500 on weekdays *This works presently despite my other issue*. There are also seperate times for School Hours and Weekends to control the times that the internet is available to them and both apply the 'Standard Child filter' Filter Action.

sophos3.jpg

As you can see, the standard child filter blocks everything (except for their school sites which I put in the whitelist; yes I tried completely deleting the whitelist to see if there was a domain in there allowing traffic through - it still didn't work). This filter is NOT working properly now (after several months) for some reason that I dont' know why. I need help with this. It hates me.

sophos4.jpg

This is me testing the filter. As you can see, it goes to the General Restrictions profile, but instead of utilizing the School Hours or Weekends Filter, it uses the Base Policy that is at the bottom of the list, and I cannot figure out why! Does anyone have any ideas suggestions? Thank you so much!

sophos5.jpg

:56539


This thread was automatically locked due to age.
Parents
  • 0

    Ok... I'm dumb.. and don't know when this got changed, but the time for one of the filter actions was set from 0500-0859 instead of 0500-2059... This caused the traffic to not fit any of the profiles and go through to the base policy which was allowing the traffic. Hopefully someone else benefits from my self-inflicted pain regarding this incident.. enjoy you're weekend everyone. Issue solved...

    :56540
Reply
  • 0

    Ok... I'm dumb.. and don't know when this got changed, but the time for one of the filter actions was set from 0500-0859 instead of 0500-2059... This caused the traffic to not fit any of the profiles and go through to the base policy which was allowing the traffic. Hopefully someone else benefits from my self-inflicted pain regarding this incident.. enjoy you're weekend everyone. Issue solved...

    :56540
Children
No Data
Unfiltered HTML