Appcontrol
From Wiki of WFilter NG Firewall
(Difference between revisions)
(→Rule Evaluation) |
|||
Line 31: | Line 31: | ||
* When "Priority" is enabled, this application won't be blocked by other rules or modules. For example, For example, "qq file transfer" is relayed by websites; if you block web surfing, "qq file transfer" will also be blocked unless "Priority" of "qq file transfer" is enabled. | * When "Priority" is enabled, this application won't be blocked by other rules or modules. For example, For example, "qq file transfer" is relayed by websites; if you block web surfing, "qq file transfer" will also be blocked unless "Priority" of "qq file transfer" is enabled. | ||
[[File:ros_appcontrol_02.png|650px]] | [[File:ros_appcontrol_02.png|650px]] | ||
+ | |||
+ | == External Links == | ||
+ | * [http://blog.wfilterros.com/?p=330 How to block facebook videos streaming with WFilter NG firewall?] | ||
+ | * [http://blog.wfilterros.com/?p=324 How to block hotspot shield VPN in network with WFilter NG firewall?] | ||
+ | * [http://blog.wfilterros.com/?p=277 How to block torrent in lan with WFilter NG Firewall?] | ||
+ | * [http://blog.wfilterros.com/?p=27 WFilter NG Firewall can block IDM downloading in your network.] | ||
+ | * [http://blog.wfilterros.com/?p=19 Do not forget to block QUIZ to block youtube and other google sites.] |
Revision as of 14:45, 21 February 2017
Contents |
1 Application Control
This module enables you to block and allow "applications", also named as "protocols". WFilter identifies each application by digital signature matching, even p2p applications can be completely blocked.
- Each client can be applied with multiple policies.
- Every policy can set "applied to clients" and "effective time".
- Besides the applied to "clients" and "time", detailed "app control policy" settings are described in below.
2 Rule Evaluation
- "Match all" means all rules will be evaluate. A visit will be blocked if any rule blocked it.
- "Match first" means only the first matched rule can block access. You can sort rules in this mode. For example, in "match first" mode, you can add a "block all" rule to all users. To allow a client, you can add an allow rule, and move this rule to top of the "block all".
3 Dynamic Filter
Every application(protocol) has three properties: "time-waisting", "bandwidth" and "risk". With dynamic filter, you can block applications by properties.
- When dynamic filter is enabled, you still can set blocking for each application.
- Every property has 1-5 five levels. For example, bandwidth(5-high) means this application occupies bandwidth in the highest level.
4 Deny and Allow
- You may check the applications list and set policy by clicking "edit".
- If "state" is "Automatic", this application will match the "dynamic filter" rule. "Deny" state applications will be blocked. "Allow" state applications will not be blocked.
- Applications with "-" properties won't be matched by "dynamic filter" rule.
- When "Priority" is enabled, this application won't be blocked by other rules or modules. For example, For example, "qq file transfer" is relayed by websites; if you block web surfing, "qq file transfer" will also be blocked unless "Priority" of "qq file transfer" is enabled.
5 External Links
- How to block facebook videos streaming with WFilter NG firewall?
- How to block hotspot shield VPN in network with WFilter NG firewall?
- How to block torrent in lan with WFilter NG Firewall?
- WFilter NG Firewall can block IDM downloading in your network.
- Do not forget to block QUIZ to block youtube and other google sites.