"Wanna" ransomware outbreak. Please see this Sophos article sophos.com/kb/126733 for advice on how to protect your organization. Immediate action recommended.
This article provides information on the 'Automatic Firewall rules' checkbox which appears in several areas of the WebAdmin interface (e.g., when creating a Site-to-Site SSL connection) and looks like the following screenshot.
Applies to the following Sophos product(s) and version(s) Sophos UTM
Operating systems Version 9.1 or higher
When selected the UTM creates and applies firewall rules to allow network traffic for the new configuration you have set up. This means you do not have to create your own additional firewall rules to allow the new network traffic.
These rules are saved to in the iptables like normal user-created firewall rules. Automatic firewall rules were always checked before the user-created firewall rules
Automatic firewall rules are always at the top of the list and are therefore checked first for a match.
Important: Once a firewall rule match is found all other (lower) rules are ignored.
Note: Only enabled automatic firewall rules will showed in the list of rules.
The screenshot below shows an example of two automatic rules from a Site-to-Site SSL connection. These rules are displayed above any user-created rule.
You can also view the rules from the command line (e.g., root access via SSH).
To display the 'AUTO_FORWARD' chain type: iptables -L AUTO_FORWARD
iptables -L AUTO_FORWARD
From the command line the same automatic firewall rules as shown in the screenshot above would look like:
Chain AUTO_FORWARD (1 references) target prot opt source destination CONFIRMED all -- 10.0.0.0/8 192.168.0.0/24 CONFIRMED all -- 192.168.0.0/24 10.0.0.0/8
The 'Edit' button for automatic rules can be clicked but as shown in the screenshot below there are only two items you can control:
All other options are read-only.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. If you need technical support please post a question to our community. Alternatively for licensed products open a support ticket.