
Blocking all connectivity by time of day

So, I want to be able to stop my child using his smart tv to access Netflix at night time.

Web filtering is on, but the TV is in the skip list.

Setting a firewall rule does nothing, even if I set it to drop all traffic without a time of day that is destined for his (or any other) host, traffic still flows, as though allow rules take priority.

Even if I turn off web filtering, the firewall rule still doesn't work.

I can't use a NAT rule to black hole it as this can't be done based on time of day.

 

Why is this so complicated? Any pointers?



This thread was automatically locked due to age.
  • Hi Richard,

    A Drop Firewall Rule will not be an effective configuration here, as we are looking at HTTP/S traffic, which is processed by the Web Proxy. To drop the traffic, you must first skip the source traffic from the transparent proxy. To do that, go to Web Filter | Filtering Option | MISC | Skip Transparent Proxy | Add the source IP of the TV in Skip Transparent Mode Source Hosts/Nets. Uncheck "Allow HTTP/S traffic for listed hosts/nets" and then create a rule

    Source(x.x.x.x source IP of TV) > ANY > Destination(Internet IPv4) > Drop > Time Schedule. 

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support

  • So, this is the top rule in my firewall:

     

    https://imgur.com/TLBg0JV

     

    This is not time filtered right now, so is aimed at blocking ALL traffic from my phone and TV (using the phone to test).

     

    The web filter is on, but the phone is in the Skip list:

    https://imgur.com/BoxW8yz

     

    The phone still works fine, browses the internet, etc.

    If I turn off the Web filter, the phone stops working, but obviously I want the filter on.

    If I set up a time-based web filter, so everything is denied for that host after 22:00, and allowed in the day, Netflix doesn't work even during the day, as Netflix needs an exemption, or for the host to be in the Skiplist.

    It looks like I'm just stuck entirely?

    Edit: My current (frankly crazy) solution idea is to put two UTMs, one behind the other, so that I can use the firewall rule on one and the web filter on the other.......

  • No need to do that frankly crazy [:D]

    1) As sachingurung said before: Uncheck "Allow HTTP/S traffic for listed hosts/nets" (in your second printscreen)

    2) Create a rule in the Firewall to allow traffic for the TV in the desired time period, not to block (this is how it works)

  •  

    This will create a hidden firewall rule and you don't want that.
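
As an added illustration (not part of any post in this thread and not Sophos code), the following Python sketch models the behaviour the replies describe: why the top-of-list drop rule never matched while the skip-list checkbox was ticked, and how unticking it plus a scheduled allow rule gives the time-of-day block. The evaluation order, the TV address and the 07:00 start time are assumptions made for the example.

```python
from datetime import time

TV = "192.0.2.50"  # constructed address standing in for the TV

def in_window(t, window):
    """True if t is inside the schedule; None means 'always'.
    Handles windows that cross midnight, such as 22:00-07:00."""
    if window is None:
        return True
    start, end = window
    return start <= t < end if start <= end else (t >= start or t < end)

def decide(src, dport, t, skip_list, allow_skipped_web, rules):
    """Verdict for one outbound packet. The evaluation order is an assumption
    drawn from the thread, not documented product behaviour."""
    web = dport in (80, 443)
    if web and src in skip_list and allow_skipped_web:
        return "allow", "hidden rule created by the skip-list checkbox"
    if web and src not in skip_list:
        return "proxy", "web filter decides; firewall rules are not consulted"
    for action, rule_src, window in rules:  # user rules, top-down
        if rule_src == src and in_window(t, window):
            return action, "user firewall rule"
    return "drop", "default drop"

def original_setup(t):
    # Asker's configuration: checkbox ticked, unscheduled drop rule on top.
    return decide(TV, 443, t, {TV}, True, [("drop", TV, None)])

def fixed_setup(t):
    # Replies' configuration: checkbox unticked, scheduled allow, default drop.
    # The 07:00 start is assumed; the thread only gives 22:00.
    return decide(TV, 443, t, {TV}, False, [("allow", TV, (time(7, 0), time(22, 0)))])

if __name__ == "__main__":
    for label, fn in (("original", original_setup), ("fixed", fixed_setup)):
        for t in (time(15, 0), time(23, 0)):
            print(label, t.strftime("%H:%M"), *fn(t))
```
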
