"
Hi, bug report created. In description I put link to this thread.
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#2
Zenarmor (Sensei) / Problem with blocking YouTube
April 30, 2021, 11:08:18 AM
Hi, I have a strange problem with blocking YouTube and I'm not sure if this is Sensei bug or configuration issue.
I run OPNsense as Proxmox VM. There are 2 vtnet interfaces and 5 VLAN-s. On LAN side there are 4 VLAN on top of vtnet0.
Engine is 1.8.2
App and Rules 1.8.21040109
Sensei is configured "Routed Mode (L3 Mode, Reporting + Blocking) with native netmap driver" and protected interface is "Unassigned vtnet0". In policy configuration App Controls I selected to block all entries with YouTube in name and additionaly "Quic UDP". In such configuration all 4 VLAN-s running on vtnet0 should be protected. The problem is that YouTube is not blocked. When I go to Dashboard and check Session Details I see connections as Blocked but Byes In/Out indicate that traffic is not blocked and indeed YouYube is working.
When I changed protected interface to individual VLAN-s then YouTube is blocked as intended.
So to the questions:
1 - What is correct Protected interface selection in case VLAN-s are in use?
2 - Is behavior that I observe due to missconfiguration or shall I open support ticket to get this fixed.
Thank you,
Krzysztof
I run OPNsense as Proxmox VM. There are 2 vtnet interfaces and 5 VLAN-s. On LAN side there are 4 VLAN on top of vtnet0.
Engine is 1.8.2
App and Rules 1.8.21040109
Sensei is configured "Routed Mode (L3 Mode, Reporting + Blocking) with native netmap driver" and protected interface is "Unassigned vtnet0". In policy configuration App Controls I selected to block all entries with YouTube in name and additionaly "Quic UDP". In such configuration all 4 VLAN-s running on vtnet0 should be protected. The problem is that YouTube is not blocked. When I go to Dashboard and check Session Details I see connections as Blocked but Byes In/Out indicate that traffic is not blocked and indeed YouYube is working.
When I changed protected interface to individual VLAN-s then YouTube is blocked as intended.
So to the questions:
1 - What is correct Protected interface selection in case VLAN-s are in use?
2 - Is behavior that I observe due to missconfiguration or shall I open support ticket to get this fixed.
Thank you,
Krzysztof
Pages1
