
A question about data flow.

When I turn off the proxy, and go out to the net, I see the firewall rule for web surfing get listed as being hit, when looking at the live firewall log. 

When I turn on the proxy, and repeat the experiment, I do not see the firewall rule being used. 

I turned off the rule to allow web browsing, and left the proxy on. I could still browse the net. 

I am also wondering where the logic for app control comes in. Below is my expectation of how this flows.

Is this flow diagram correct?

{See modified image at the end of the thread}

If not, can you please help me to make it correct?

Thanks,
C68


This thread was automatically locked due to age.
  • For return traffic, conntrack is considered before Country Blocking.  In this way, traffic requested may be received from a country blocked for inbound traffic.

    For outbound traffic, SSL encryption has to be after App Control.  For inbound traffic, I don't know if it is always applied or never, so #2 in Rulz may need to be changed.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA