This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Filter Time Schedule

hi,

need your help on this scenario. i am trying to create a time schedule rule 12-1pm on facebook access on web filter policy. 

What the user is doing is he access facebook at 12-1pm, however, he will not close the browser and after 1 pm (ideally he wont be able to access facebook) but whats happening is he can still access facebook.

Blocking happens if the user close the browser. is there any way web filter will block automatically facebook after 1pm without the user closing the browser?

Thanks in advance.


This thread was automatically locked due to age.
Parents
  • Application Control Time Schedule

    Create an Application Control rule blocking all of the Facebook applications.  Don't give it a name - that will cause WebAdmin to display the REF_*********x that you should use in the below. Note that that trick no longer works as helladotnet says below.  If you name the rule "Facebook," teched's suggestion below to use the get_references command will likely show that the REF is REF_AppRulFacebook, so I've used that in my suggestion below.

    Next is a trick that isn't supported, and won't be included in a configuration backup...

    Add the following two lines to /etc/crontab-static for weekday (1-5) control:

    0 12 * * 1-5 root  /usr/local/bin/confd-client.plx change_object REF_AppRulFacebook status 1
    0 13 * * 1-5 root  /usr/local/bin/confd-client.plx  change_object REF_AppRulFacebook status 0


    Then, to get the lines into /etc/crontab, go to the 'Configuration' tab of 'Management >> Up2Date', change one of the intervals, [Apply], change it back and [Apply].  This change should survive everything but a reload from ISO.

    Cheers - Bob

    Changelog: 08-24-2015 Added title, "Note" at the top and new crontab paragraph; 02-26-2015 Thanks to teched for noticing my minutes/hours mistake and other suggestions for improvement

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • Application Control Time Schedule

    Create an Application Control rule blocking all of the Facebook applications.  Don't give it a name - that will cause WebAdmin to display the REF_*********x that you should use in the below. Note that that trick no longer works as helladotnet says below.  If you name the rule "Facebook," teched's suggestion below to use the get_references command will likely show that the REF is REF_AppRulFacebook, so I've used that in my suggestion below.

    Next is a trick that isn't supported, and won't be included in a configuration backup...

    Add the following two lines to /etc/crontab-static for weekday (1-5) control:

    0 12 * * 1-5 root  /usr/local/bin/confd-client.plx change_object REF_AppRulFacebook status 1
    0 13 * * 1-5 root  /usr/local/bin/confd-client.plx  change_object REF_AppRulFacebook status 0


    Then, to get the lines into /etc/crontab, go to the 'Configuration' tab of 'Management >> Up2Date', change one of the intervals, [Apply], change it back and [Apply].  This change should survive everything but a reload from ISO.

    Cheers - Bob

    Changelog: 08-24-2015 Added title, "Note" at the top and new crontab paragraph; 02-26-2015 Thanks to teched for noticing my minutes/hours mistake and other suggestions for improvement

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • New member  asked me a question via PM.  Since I don't answer questions for free there, here's his question that he asked me to post:

    "After making changes I can't view the live logs for Application control. Please help how I can fix it."

    Those instructions cannot affect logging.  Try changing to a different browser or clearing your browser cache.  Any luck with that?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • It is working after closing and starting the browser.

    Thanks Bob for your support