Инструменты пользователя

Инструменты сайта


en:deny_rule50

Deny rule

Rule creation

In order to block user access to host in the Internet or deny access via any particular port the Deny rule is necessary. Proceed to users and groups page which supposed to be blocked access, open «Rules and Restrictions» followed by «Add→Deny rule».

Запрещающее правило

During creation of deny rule it is possible to specify destination address, destination port and connection protocol. Destination address could be a host-name as well as IP address or IP-range with prefix or range type of xx.xx.xx.xx-yy.yy.yy.yy. If user is assigned with several IP addresses you can specify addresses for which rule will apply in «Source field». You may wish to specify a time duration for a rule.

Запрещающее правило

Warning! This rule will filter traffic on IP protocol rule level and cannot do URL-based filtration. For URL-based filtration Proxy deny rule is used.

For exception creation of deny rule Allow rule is used.

How to deny port-range

You can specify a range of ports using «-» as well as list of ports using comma - «,» or space-bar -« ».

Example: 21,22,1100-1200.

Layer-7 filtering

Apart from standard transport protocols (TCP and UDP) ICS can filter application-level protocols. Currently OSCAR (ICQ) and p2p (torrent) protocols are supported.

Запрещающее правило

Using this rule you may completely block usage of peer-to-peer protocols and clean-up your Internet channel from torrent traffic.

en/deny_rule50.txt · Последние изменения: 2020/01/27 16:28 (внешнее изменение)