I recently upgraded from the old Astaro OS to the latest Sophos OS.
I am currently blocking countries via firewall rules using CIDR notations. (The old way of doing this).
I currently have a firewall rule called block exceptions that sits higher then the RIPE/AFRINIC/APNIC/LACNIC blocks.
1. If I take out the block rules using CIDR notations, but leave in my block exceptions, and turn on and block the same countries via the "check boxes" will my exceptions still work?
2. What, if any, changes will I have to make to my firewall rules to use this new "check box" country blocking feature?
Why do I block so much stuff?
Our "safe" network is where we do all of our online bill paying, purchasing, banking, and other sensitive stuff. This also has the proxy which is super locked down.
I have another network that only uses the firewall rules and no proxy. This is where our Linux laptops are used to surf (no sensitive transactions), our VOD is used, and streaming video from Amazon to the TV is used. It is also where I have my VoIP phones. None of that stuff leaves the country, so the blocks mean little to it.
This thread was automatically locked due to age.
