Moin,
mir ist aufgefallen, das in der aktuellen Firmware 9.209-8 die Funktion "Block Clients with Bad Reputation" (Ist der Haken bei der Webserver-Protection) nicht mehr funktioniert.
1) im Log erscheint die Meldung wie diese nicht mehr:
[Mon Nov 01 04:22:32.990004 2014] [authz_blacklist:warn] [pid 20960:tid 4088236912] [client 80.187.112.33:21957] Client is listed on DNSRBL black.rbl.ctipd.astaro.local
2014:11:01-04:22:32 proxy22 reverseproxy: id="0299" srcip="80.187.112.33"
localip="X.X.X.X" size="229" user="-" host="80.187.112.33"
method="POST" statuscode="403" reason="dnsrbl" extra="Client is listed on DNSRBL black.rbl.ctipd.astaro.local" exceptions="-" time="6836"
und vor allem, geblockt wird ja mal gar nix mehr.
Bad Reputation ist ja:
lock clients with bad reputation:*Based on*GeoIP*and*RBL*information you can block clients which have a bad reputation according to their classification.Sophos*uses the following classification providers:
RBL sources:
Commtouch IP Reputation (ctipd.org)
dnsbl.proxybl.org
http.dnsbl.sorbs.net
The GeoIP source is*Maxmind. The WAF blocks clients that belong to one of
the following Maxmind categories:
A1: Anonymous proxies or VPN services used by clients to hide their
IP address or their original geographical location.
A2: Satellite providers are ISPs that use satellites to provide
Internet access to users all over the world, often from high risk
countries.
kann das jemand mal testen? Ich habe einfach einen TorBrowser genommen von einem DSL Anschluss aus.
Danke
sophoslabfan
This thread was automatically locked due to age.
Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.