Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Zenarmor (Sensei)
»
Blocking some things and reporting others. Is this possible?
« previous
next »
Print
Pages: [
1
]
Author
Topic: Blocking some things and reporting others. Is this possible? (Read 4538 times)
allebone
Sr. Member
Posts: 402
Karma: 34
Blocking some things and reporting others. Is this possible?
«
on:
April 09, 2021, 12:40:45 am »
I have the default policy which has the things I want to block, but some things I only want to report but not block. If I create a new policy I can only seem to block things there is no way to only report on the additional things I am wanting to monitor. Is this possible to achieve?
P
Logged
sy
Hero Member
Posts: 595
Karma: 44
Re: Blocking some things and reporting others. Is this possible?
«
Reply #1 on:
April 12, 2021, 08:35:23 pm »
Hi,
Do you mean reports of some applications or some users?
Logged
mb
Hero Member
Posts: 941
Karma: 99
Re: Blocking some things and reporting others. Is this possible?
«
Reply #2 on:
April 13, 2021, 01:33:42 am »
Hi @allebone,
Adding to my colleaue @sy, is it like by default you'll not be having any reporting; but only for the flows matching your policy? Currently the controls work like either it is a block or allow; so if we provided a log action there, packets maching this configuration would be the ones which would get repoted?
Does this describe your request?
Logged
allebone
Sr. Member
Posts: 402
Karma: 34
Re: Blocking some things and reporting others. Is this possible?
«
Reply #3 on:
April 13, 2021, 10:36:29 pm »
Hi there,
For example I would like an option to trigger a block on some rules - so for example maybe I want to block IPSEC traffic. Thats great, ticking it blocks it and works fine. However I also want to only report/monitor some types of traffic, eg, maybe I want to allow pptp but be informed in the dashboard/logs when someone is making a pptp connection so I can let these connections continue to work, but be notified to move them to a more secure type of connection.
There are many other reasons one can imagine to want to be able to allow, but report, I am sure you can use your imagination. However currently I can only block or allow, no method to report on types of rules but continue to allow them through. Im asking for this middle option so I can keep tabs on whats happining without blocking it. Maybe I want to allow certain websites but monitor their use and not block them etc. All sorts of reasons why one might want to do this.
«
Last Edit: April 13, 2021, 10:38:18 pm by allebone
»
Logged
mb
Hero Member
Posts: 941
Karma: 99
Re: Blocking some things and reporting others. Is this possible?
«
Reply #4 on:
April 15, 2021, 02:14:13 am »
Thanks for further information. Got it. So it's besides normal reporting.
These would be in the form of "alerts" of some sort may be. This is not doable right now. Though it might be a good idea; We're adding this to the backlog.
Logged
allebone
Sr. Member
Posts: 402
Karma: 34
Re: Blocking some things and reporting others. Is this possible?
«
Reply #5 on:
April 15, 2021, 05:38:25 am »
Thank you.
Logged
allebone
Sr. Member
Posts: 402
Karma: 34
Re: Blocking some things and reporting others. Is this possible?
«
Reply #6 on:
June 10, 2021, 09:31:38 pm »
Did this ever make it as a possible feature? I didnt see anything on the roadmap
Logged
mb
Hero Member
Posts: 941
Karma: 99
Re: Blocking some things and reporting others. Is this possible?
«
Reply #7 on:
June 16, 2021, 05:19:46 am »
Hi @allebone,
The roadmap page mostly lists major features.
Yes, we've added this to our main backlog. It's not yet prioritized though.
Logged
allebone
Sr. Member
Posts: 402
Karma: 34
Re: Blocking some things and reporting others. Is this possible?
«
Reply #8 on:
June 16, 2021, 05:16:28 pm »
No worries, thanks
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Zenarmor (Sensei)
»
Blocking some things and reporting others. Is this possible?