Zenarmor only blocking some destinations - config

Started by Visnor, April 12, 2023, 09:29:20 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
April 12, 2023, 09:29:20 PM Last Edit: April 15, 2023, 12:55:21 PM by Visnor
I installed Zenarmor to easily maintain kids policies on specific devices with fixed IPs on VLAN. I am running Zenarmor on LAN with a policy set up for those specific IPs. Did just the basic configuration after the install.

But only some content is blocked - Steam app for example gets blocked but all web pages work as usual.

Running UnBound as well so probably some important set up bit is missing? Only DNS requests to the firewall are allowed while everything else is blocked by firewall rules.

Update:takes about 10 minutes to refresh for the policy to 'notice' new blocks. So that's fine.
Anyway would like to understand why the delay?
April 13, 2023, 01:17:50 PM #1
Hi,

Do you try to block everything with the policy? Can you give a bit more detail about the policy or simply share a bug report from the upper right corner of Zenarmor GUI by selecting Zenarmor config and logs checkboxes.
April 13, 2023, 05:28:01 PM #2
For the testing I now blocked youtube in the default policy (so should apply for any device if I understand it right)

It gets logged in the Reports -> Activity Explorer
Quote
www.youtube.com | Visits: 3 | Categories : Encrypted, IP Queried, Online Video, Reference, SSL, SSL V3, Technology and Computer, Web Browsing | 4.42 KB/23.18 KB

Zenarmor tels me it is blocked in the Live Session Explorer


By Firefox happily loads youtube
April 14, 2023, 03:15:16 PM #3
You may try to disable QUIC UDP Connection under Application Control / Media Streaming
April 14, 2023, 06:43:26 PM #4
Not sure where "Application Control / Media Streaming" is. Set up a rule to block all UDP 433 outbound traffic if that's what you mean but that didn't help. Live view is not showing any traffic there when trying to access youtube.
April 15, 2023, 12:33:46 PM #5
Update: It went into effect somehow overnight and the policy started to work as expected.

While having UDP blocked I then disabled the rule in the policy -> youtube available. Enabled the rule again -> youtube still available  :o

It there some kind of timed cache or whatever that is causing this behavior?
May 01, 2023, 10:52:25 AM #6
Hi @ Visnor,

Please share a report by foloowing the instruction in below link. It seems that we need to check the policy configuration.

https://www.sunnyvalley.io/docs/support/reporting-bug
Print
Go Up Pages1
User actions