DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

Allow Exceptions to Web Filtering using URL Filtering

More
19 May 2009 07:31 #55866 by louis-m
i'm aware of how the firewall works. on my 2820 v3.3.1.1

1. csm>web filter = block ALL selected
2. firewall>general = default>block, webfilter>block ALL
3. 1st firewall rule = block ALL if no further match
4. 2nd firewall rule = pass 21,22,23,80,443 & webfilter>block ALL

nothing is blocked!

do the same test with the url filter and url's are blocked eg keywords.

the web content filter was tested with various combinations eg default=pass, firewall=block etc & viceversa and:
url filter is working.
web content filter is not working.

i'm going to test this today with a 2950 3.3.2 to see the result.

2820 = 3.3.2_RC5
2950 = 3.2.4

Please Log in or Create an account to join the conversation.

More
19 May 2009 09:59 #55867 by macavity
Do you have any other firewall rules in that filter set or any other filter sets?

Please Log in or Create an account to join the conversation.

More
19 May 2009 17:20 #55873 by louis-m
as above, there are only 2 firewall rules (default has been deleted) default data filter starts at rule set 2.
firewall works perfectly.
url filter works perfectly.
web filter doesn't.

2820 = 3.3.2_RC5
2950 = 3.2.4

Please Log in or Create an account to join the conversation.

More
20 May 2009 17:06 #55909 by macavity
I'm sure it works for me. I'll have a play with my router at home, it's got 3.3.1.1 as well.

Please Log in or Create an account to join the conversation.

More
20 May 2009 19:22 #55914 by rolandrat
Web filtering is working fine as far as I can tell.
Going back to your original question: Block "webmail" but allow "hotmail".
Off the top of my head I dont think that it can be done like that, but I will try it and see if I can figure a solution.
I find that it is a lot easy to configure the firewall rules for different computers on a LAN (ie everyone in the house uses their own PC/Laptop), fixing IP's by MAC then setting up rules for IP groups etc.
I can see there being a problem when its a single PC, which would more suit a software solution by login name etc.
Let me have a play around and I'll see what I can come up with.

Please Log in or Create an account to join the conversation.

More
20 May 2009 19:36 #55915 by rolandrat
Good news and bad news.
Good news is I've got it working, bad news is that it appears to be a new feature of the beta firmware ive got 3.3.2 RC5, as I haven't seen the setup like this before.

They have moved the white/black list selection to the web filter screen, which basically lets you tick the web filter box for webmail, therefore blocking all webmail (tried it with googlemail and my exchange accts webmail access), what you then do is set the white/black list to PASS and give it the previously defined keyword object (or GROUP of objects). As the URL list has priority then it allows hotmail, but falls through to the webfilter for all the others.
Log a call with support and ask for the beta firmware.

Please Log in or Create an account to join the conversation.

Moderators: ChrisSami