This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Filter Actions and Target Services

From testing it seems that when you add a target service under Web Protection > Filtering Options > Misc, that it applies to all proxy users and destinations. So if I need to allow access to port 9000 for one user to one website, all proxy users will have access to port 9000 for all websites.

The only way I have found to restricted this is to create an entry under "Block These Websites" equal to ".+:9000.+" on every "Filter Action" in existence. Then add an entry under "Allow these Websites" equal to ".+website.com:9000.+" for the "Filter Action" that applies to the end user.

As I add more profiles and filter actions, this becomes more and more difficult to keep up with. Is there another way to allow very targeted access to a custom port through the proxy?



This thread was automatically locked due to age.
Parents
  • Hi Tim,

    Welcome to Sophos Community.

    How about doing this in an easy way? Create an exception for all the requests for User/Groups and Matching the URLS! Navigate through the options Web Protection> Filter Options > Exceptions.

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • Will an exception allow a non-standard service without it being in the "Allowed Target Services"? Exceptions don't seem to be designed to block, they seem to be designed to "Allow".

    My problem is not with allowing a non-standard service, but having granular control over it. Once added to Misc > Allowed Target Services, everyone has access to port 9000.

  • So I just tested. Without port 9000 listed in "Allowed Target Services", no matter how I created the "Exception", I received "Blocked",  "Target Service not allowed" on the policy helpdesk.

    If I add port 9000 to the "Allowed Target Services", the policy helpdesk reports I can access any valid domain on port 9000. I see no way to create an exception to block it.

    I am not a regex master, so if you have allowed non-standard ports using the exception list, could you please provide an example regex and what checks you skipped to get it to work?

    Thank you.

  • Tim, is the Proxy in Transparent mode?  If in standard, do you have Active Directory or some other way to distribute Proxy Settings to the client browsers?

    The easiest would be to skip the Proxy for the one website.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • Tim, is the Proxy in Transparent mode?  If in standard, do you have Active Directory or some other way to distribute Proxy Settings to the client browsers?

    The easiest would be to skip the Proxy for the one website.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data