[Kon]

Hi.

You have to buy only one license in this case.

Regards,
Andrew

[Kon]

Ты же сам сказал, что он риторический:)))

Тут как душе удобно, смотря какого типа траффик ты считаешь или как душе угодно:)

[Kon]

You have been answered by e-mail.

[Kon]

Привет.
Это из-за того что есть величина минимального значения Ethernet пакета и она больше 40, и скорее всего ее значение зависит от драйвера сетевой карты или самой карты.

То что твои значения различаются вполне корректно. Для наблюдения такой картины, попросту поставь Network Monitor и посмотри что на минимальных пакетах, таких как SYN или ICMP echo, значение длины фрейма больше, чем сумма длины ehernet заголовка + значение указаное в ip заголовке.

[Kon]

Hi.

Thank you for feedback.

We try to analyze your configuration on test PC’s.

We will answer as soon as possible.

[Kon]

Yes, firewall is always running at the driver level.

[Kon]

NeT Firewall log system with Reason of pass/block are pretty well for experimenting with Rules and Security levels.

[Kon]

WEB browsing rule and DNS rule must be created on workgroup interface.

[Kon]

Hi.

If I understand your problem in a proper way, you have to block all internet traffic for the workstations except of web browsing.

If so, you have to turn your workgroup network interface to High Security Level. All network services will be blocked in your PC, if not directly allowed by Rule.

After this you have to create Rule:
Description:WEB Browsing
Id:for example 1
Type:Allow
Direction:Both
Protocol :TCP
Destintaion Port :80
You can also specify different addresses for you needs.

You cam also must allow DNS:

Description:DNS
Id:for example 2
Type:Allow
Direction:Both
Protocol :UDP
Destintaion Port :53

Regards,
Andrew

[Kon]

Hi.

Please clarify, is your question about NeT Firewall?

[Kon]

In this case, at remote server you have two logged users.

That is why you can’t see all packets from driver because another active user (running Firewall GUI instance) gets some of them.

[Kon]

You can allow subnet of DSL provider.

It is not possible to filter traffic using domain names (as you have mentioned they may change frequently and resolving DNS entries for each packet would decrease firewall perfomance greatly).

[Kon]

Lets make step by step.

1) You connect ot remote server using mstsc and restart remote server. After this you have reconnect to remote server and see packets in log and etc. After this you disconnect connection with remote server and connect again. In this time you hve no logs and ets…

Yes?

[Kon]

Hi.

You can use domain name to create Rule using Wizard. You can also use aliases.

Just create alias(http://www.google.com) with google subnet or range.

[Kon]

Hi.

You question is about using NeT Firewall?

[Author]

Posts