Appcontrol
From Wiki of WFilter NG Firewall
(Difference between revisions)
(Created page with "{{DISPLAYTITLE:App Control}} == Dynamic Filter == <p>'''Policy''':可以根据“影响工作”,“占用带宽”和“风险”三个标准去自动禁止符合标准...") |
|||
| Line 1: | Line 1: | ||
| − | {{DISPLAYTITLE: | + | {{DISPLAYTITLE: Application Control}} |
| + | |||
| + | == Application Control == | ||
| + | |||
| + | This module enables you to block and allow "applications", also named as "protocols". | ||
| + | WFilter identifies each application by digital signature matching, even p2p applications can be completely blocked. | ||
| + | |||
| + | * Each client can be applied with multiple policies. | ||
| + | * Every policy can set "applied to clients" and "effective time". | ||
| + | * Besides the applied to "clients" and "time", detailed "app control policy" settings are described in below. | ||
| + | |||
== Dynamic Filter == | == Dynamic Filter == | ||
| − | |||
| − | |||
| − | == | + | Every application(protocol) has three properties: "time-waisting", "bandwidth" and "risk". With dynamic filter, you can block applications by properties. |
| − | + | * When dynamic filter is enabled, you still can set blocking for each application. | |
| − | + | * Every property has 1-5 five levels. For example, bandwidth(5-high) means this application occupies bandwidth in the highest level. | |
| − | + | ||
| − | + | [[File:ros_appcontrol_01.png|650px]] | |
| − | [[File: | + | |
| + | == Deny and Allow == | ||
| + | * You may check the applications list and set policy by clicking "edit". | ||
| + | * If "state" is "Automatic", this application will match the "dynamic filter" rule. "Deny" state applications will be blocked. "Allow" state applications will not be blocked. | ||
| + | * Applications with "-" properties won't be matched by "dynamic filter" rule. | ||
| + | * When "Priority" is enabled, this application won't be blocked by other rules or modules. For example, For example, "qq file transfer" is relayed by websites; if you block web surfing, "qq file transfer" will also be blocked unless "Priority" of "qq file transfer" is enabled. | ||
| + | [[File:ros_appcontrol_02.png|650px]] | ||
Revision as of 14:46, 23 December 2015
1 Application Control
This module enables you to block and allow "applications", also named as "protocols". WFilter identifies each application by digital signature matching, even p2p applications can be completely blocked.
- Each client can be applied with multiple policies.
- Every policy can set "applied to clients" and "effective time".
- Besides the applied to "clients" and "time", detailed "app control policy" settings are described in below.
2 Dynamic Filter
Every application(protocol) has three properties: "time-waisting", "bandwidth" and "risk". With dynamic filter, you can block applications by properties.
- When dynamic filter is enabled, you still can set blocking for each application.
- Every property has 1-5 five levels. For example, bandwidth(5-high) means this application occupies bandwidth in the highest level.
3 Deny and Allow
- You may check the applications list and set policy by clicking "edit".
- If "state" is "Automatic", this application will match the "dynamic filter" rule. "Deny" state applications will be blocked. "Allow" state applications will not be blocked.
- Applications with "-" properties won't be matched by "dynamic filter" rule.
- When "Priority" is enabled, this application won't be blocked by other rules or modules. For example, For example, "qq file transfer" is relayed by websites; if you block web surfing, "qq file transfer" will also be blocked unless "Priority" of "qq file transfer" is enabled.
