Application Level Filter


(ch312131) #1


Is there any way to block traffic at the application level?

Even though we are using a web content filter for HTTP/S, the YouTube application uses the UDP protocol for connectivity.

(Joel Clendineng) #2

You can block UDP. Simply have squid on and the filter turned on; YouTube will show up under DPI, so you can go to firewall rules, create a new rule, search for YouTube or any other DPI-listed application or service, and block it.

(Joel Clendineng) #3

Just tested and it works. When you create a firewall rule, search for “Service” youtube and drop all. You can even drop YouTube or any other app from being accessed on any device on the network. What I usually do is go into DHCP and create static IPs for all the known MACs in my network, giving them friendly names. If you want to block a certain device from access, find the MAC in DHCP and make a static IP; then you can add it under firewall rules.

(ch312131) #4

Thanks, this worked except for Viber DPI.

Viber is not blocked even when blocked using a firewall rule.

(Joel Clendineng) #5

So you drop all “Service” viber to all hosts and it still works?

(Joel Clendineng) #6

Viber uses ports 5242, 4244, 5243, and 9785, along with 80 and 443 for HTTP and SSL (obviously), so what you can do is go to “Firewall Objects”, “Services”, add a service, and type all 4 ports separated by commas. Name it viberports or something. Now you can block traffic on those ports.

Also, whatever you do, do not block 80 and 443, for obvious reasons :smiley:

Edit 2: make sure to use UDP and TCP, as Viber uses UDP for video and TCP for text, but you probably already guessed that.

(ch312131) #7

I have blocked the mentioned ports for UDP/TCP and also 80 and 443 for UDP only. It seems that Viber can still connect.

(Joel Clendineng) #8

Source ANY, Dest ANY, SERVICE viberports? Try DROP rather than reject.

(Joel Clendineng) #9

Wait, did that actually work?

(ch312131) #10

Yes, it was a success.

Sorry for the late reply.