Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 9 replies
  • Answers 1 answer
  • Subscribers 28 subscribers
  • Views 5404 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to tell which rule is passing traffic?

rfcat_vk

Hi,

I have created a rule to pass facebook only, but there doesn't apear to be any way to see what is actually being passed by that rule.

I suppose I could disable all the other rules and see what happens, not a good solution for most people.



This thread was automatically locked due to age.
Parents
  • +1

    HI rfcat_vk, 

    You may need to check which address is resolved on your system to access facebook, at my setup I have used XG as a DNS server for simplicity and also you may follow the steps as per the snaps provided. 

  • 0 in reply to Aditya Patel

    Hi and thank you for the answers.

    I setup a rule using applications, then disabled my general access rule to see what worked and didn't work.

    Facebook worked, most other applications didn't, but my weather station did which surprised me.

    I think I have it under control.

    Some mail inserts don't download. I expect to see lots of errors in today's logs.

  • 0 in reply to rfcat_vk

    Several years back with a sophos utm 100 something...

    The boss's daughter was supposed to be working and she got caught her on facebook.  I ended up using an application rule to keep the peace.

    Without the ability to block https traffic, the web blocking didn't work with facebook because when it blocked http://facebook.com facebook would re-direct to https://facebook.com 

Reply Children