Automatic rules and DNS

Hi guys.

 

Please explain to me why I can't see all automatic firewall rules? For example, enabling DNS for the internal network automatically creates a rule Internal -> UTM (internal IP) for DNS. While I can see that rule in iptables, there is nothing in WebAdmin -> Network Protection -> Firewall.

 

Thx in advance.



  • Hi Adam,

    There are a lot of subsystems in the UTM that actually "sit ahead" of the Firewall so therefore a firewall rule will not be shown as those servers manipulate IPTables and their listening ports directly. Some of the systems that do this are as follows:

    • Wireless Protection enabled interfaces for connections to 1.2.3.4
    • DNS on port 53
    • Web Filtering in Transparent (port 80/443) and Standard Proxy (default 8080)
    • FTP, SOCKS and Generic Proxy
    • All Remote Access and Site to Site VPNs
    • NTP
    • There are others

    So basically the firewall config is actually one of the last in line to be manipulating IPTables so therefore does not show the other subsystems' configurations either by design or due to the configuration layer.

    Hope that answers your question!

    Emile
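
Added example, not part of the original thread and not Sophos code: since the rules described above live only in the packet filter, one way to review them is to list every ACCEPT rule for a port from `iptables-save` output together with the chain that holds it. The sample ruleset, its chain names (`SUBSYS_INPUT`, `USER_FORWARD`) and its addresses are constructed for illustration and are assumptions, not taken from a UTM.

```shell
#!/bin/sh
# Added example: show which chains accept traffic to a port, from iptables-save text.

# Reads iptables-save output on stdin; prints "chain proto dport src dst"
# for every ACCEPT rule that names a destination port ("!" marks a negated match).
list_accepts() {
  awk '
    $1 == "-A" {
      chain = $2; proto = "any"; dport = ""; src = "any"; dst = "any"; target = ""
      for (i = 3; i <= NF; i++) {
        neg = ($(i-1) == "!") ? "!" : ""
        if ($i == "-s") src = neg $(i+1)
        else if ($i == "-d") dst = neg $(i+1)
        else if ($i == "-p") proto = neg $(i+1)
        else if ($i == "--dport" || $i == "--dports") dport = neg $(i+1)
        else if ($i == "-j") target = $(i+1)
      }
      if (target == "ACCEPT" && dport != "") print chain, proto, dport, src, dst
    }'
}

# Keeps only rules whose destination port equals $1 (exact match; port lists and ranges are not expanded).
accepts_for_port() {
  list_accepts | awk -v p="$1" '$3 == p'
}

# Constructed sample ruleset; chain names and addresses are hypothetical.
sample_ruleset() {
  cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:SUBSYS_INPUT - [0:0]
:USER_FORWARD - [0:0]
-A INPUT -j SUBSYS_INPUT
-A FORWARD -j USER_FORWARD
-A SUBSYS_INPUT -s 192.168.1.0/24 -d 192.168.1.1/32 -p udp -m udp --dport 53 -j ACCEPT
-A SUBSYS_INPUT -s 192.168.1.0/24 -d 192.168.1.1/32 -p tcp -m tcp --dport 53 -j ACCEPT
-A SUBSYS_INPUT -p udp -m udp --dport 123 -j ACCEPT
-A USER_FORWARD -s 192.168.1.0/24 -p tcp -m tcp --dport 443 -j ACCEPT
-A USER_FORWARD -p tcp -m tcp --dport 23 -j DROP
COMMIT
EOF
}

# On a live system the input would be: iptables-save | accepts_for_port 53
sample_ruleset | accepts_for_port 53
```

Comparing the chain column against the rules listed in the management interface shows which accepted ports were opened outside the user-defined firewall rules.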
