Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 17 replies
  • Answers 1 answer
  • Subscribers 30 subscribers
  • Views 2892 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

ip / country block does not work with waf

Andreas Lindl

SFVH (SFOS 18.0.4 MR-4) 

hello

the block rule only works with dnat

I have created the "block country" rule and blocked my cell phone for testing purposes

the dnat rule is blocked correctly

but all waf rules are not blocked

do firewall rules not apply to waf?
how to set ip / country block for waf?



This thread was automatically locked due to age.
Parents
  • 0

    Well its weird cuz for me IP/Country is working correctly. Ive checked it from different VPNs, proxies And all traffic is denied.  Im using WAF rules And on the top of all policies stand "deny countries" -> I did check logs and the traffic is  tagged as "denied".

  • 0 in reply to Regex

    Hi,

    please remember that linked NAT rules take precedence over ordinary NAT rules even if you have the linked NAT rule lower down the processing order.

    Ian

  • 0 in reply to rfcat_vk

    Those are mine. 

    And i havent been touhcong default settings ;)  FW rule is blocking whole world excpet specific hostname that is allow to access VPN and other services ;) pls keep in mind that dest FW rule is behind blocking rule. DNAT rule is FIRST as u can see in the screenshot. 

Reply
  • 0 in reply to rfcat_vk

    Those are mine. 

    And i havent been touhcong default settings ;)  FW rule is blocking whole world excpet specific hostname that is allow to access VPN and other services ;) pls keep in mind that dest FW rule is behind blocking rule. DNAT rule is FIRST as u can see in the screenshot. 

Children