Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 8 replies
  • Subscribers 2 subscribers
  • Views 16134 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Filter Time Schedule

Apollo13
hi,

need your help on this scenario. i am trying to create a time schedule rule 12-1pm on facebook access on web filter policy. 

What the user is doing is he access facebook at 12-1pm, however, he will not close the browser and after 1 pm (ideally he wont be able to access facebook) but whats happening is he can still access facebook.

Blocking happens if the user close the browser. is there any way web filter will block automatically facebook after 1pm without the user closing the browser?

Thanks in advance.


This thread was automatically locked due to age.
  • 0

    Application Control Time Schedule

    Create an Application Control rule blocking all of the Facebook applications.  Don't give it a name - that will cause WebAdmin to display the REF_*********x that you should use in the below. Note that that trick no longer works as helladotnet says below.  If you name the rule "Facebook," teched's suggestion below to use the get_references command will likely show that the REF is REF_AppRulFacebook, so I've used that in my suggestion below.

    Next is a trick that isn't supported, and won't be included in a configuration backup...

    Add the following two lines to /etc/crontab-static for weekday (1-5) control:

    0 12 * * 1-5 root  /usr/local/bin/confd-client.plx change_object REF_AppRulFacebook status 1
    0 13 * * 1-5 root  /usr/local/bin/confd-client.plx  change_object REF_AppRulFacebook status 0


    Then, to get the lines into /etc/crontab, go to the 'Configuration' tab of 'Management >> Up2Date', change one of the intervals, [Apply], change it back and [Apply].  This change should survive everything but a reload from ISO.

    Cheers - Bob

    Changelog: 08-24-2015 Added title, "Note" at the top and new crontab paragraph; 02-26-2015 Thanks to teched for noticing my minutes/hours mistake and other suggestions for improvement

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    Please note the "new" version of my suggestion.  Thanks to fellow member teched.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    Bob, when I create an app rule w/out a name it automatically fills in the name of the first rule that I select (example: "050PLUS from Any to Any").  Can I get a list of the "REF_*********x" rule names from a CLI command?  I'd really like to try this unsupported solution/workaround that you provided kitty_hawk.  Thanks in advance, Adam
  • 0
    For application_control class:

    References
    # cc get_references application_control


    Full objects
    # cc get_objects application_control
  • 0
    Thank you teched for the help, those were exactly what I was looking for.

    I was able to find the application_control references and was able to get them to be enabled/disabled via Bob's instructions but it looks like the crontab is being overwritten constantly.  Is this expected behavior?  Should I add config to the crontab-static?

    Updated @ 7:40am

    I found this previous post and I'll try it...
  • 0
    I found this previous post and I'll try it...
  • 0 in reply to BAlfson

    New member  asked me a question via PM.  Since I don't answer questions for free there, here's his question that he asked me to post:

    "After making changes I can't view the live logs for Application control. Please help how I can fix it."

    Those instructions cannot affect logging.  Try changing to a different browser or clearing your browser cache.  Any luck with that?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    It is working after closing and starting the browser.

    Thanks Bob for your support

Unfiltered HTML