English Forums > Zenarmor (Sensei)

Application reports blocked, but still is allowed for use

(1/1)

NopSled:
Hello All -

Recent convert from the "other" sense platform to OPNsense. After installing Zenarmor (Home License) and configuring my first policy, I disabled Instagram within the applications. In the report, I see entries in red showing that it was supposedly blocked, but I am still able to get to the site on the web as well as use the app on my cell phone. I am currently running in "Routed Mode (L3 Mode, Reporting + Blocking) with native netmap driver". Wasn't sure how the blocking actually worked or if I missed something possibly. I do have a PiHole running on the network. I saw in the documentation that PiHole could run in parallel with Zenarmor so long as caching is disabled. Would having a PiHole w/unbound DNS running on the network cause issues with the application blocking?

Edit: Since I point clients to PiHole via DHCP, I pointed my machine to use the default resolver on OPNsense instead and got the same result.

Thanks!

sy:
Hi,

We need to check the configuration. Can you share a bug report from the upper right corner of Zenarmor GUI by selecting Zenarmor logs and configuration checkboxes?

NopSled:
Sorry for the delayed response Sy.

I just loaded Zenarmor to a spare appliance that I have here and it now appears to work correctly blocking social media sites from the web settings portion of the policy. I did notice that I am still able to however get to one of the social media sites (Instagram) with the app on my cell phone. The difference between the two configurations are that the other box I had it installed on was using a single trunked interface with 3 VLANs (only the parent interface selected) and this box has discreet interfaces. I will reload to the other appliance and send the logs via the GUI tomorrow when I can take the other box out of service to reconfigure.

Thanks!

sy:
Hi,

Can you confirm that the mobile phone is matching to the correct policy?

Navigation

[0] Message Index