HELP!!!! Blocking Rules block internet Browsing


This topic contains 3 replies, has 0 voices, and was last updated by  matthew.a.squires 5 years, 2 months ago.

    #41555

    I created a CHAIN rule for blocking Layer7 protocols/applications.
    It works great, except that after an unknown period of inactivity we are losing the ability to surf the internet.
    Sometimes I can access the Zeroshell Web Interface and sometimes I cannot.
    I have tried disabling and re-enabling the Firewall and Router services, with no positive results.

    We do not have a 3rd party firewall installed on my WinXP Pro OS and the Windows Firewall is turned off.

    I renewed the WinXP IP Addresses and we are still unable to browse.
    I released and renewed the WAN IP Address and we are still unable to browse.
    We are able to ping IP Addresses, but not URLs (eg: http://www.google.com).
    The only solution that works is to restart the Zeroshell Router.
    But again, after an unspecified period of time I lose the ability to browse the internet or even access the Zeroshell Web Interface.
    When the blocking rules are disabled and the router is restarted, the inability to browse after a period of browsing inactivity is not an issue.

    The blocking rules that block Layer7 are configured with (*) in the To and From address fields to indicate any address(es).

    I am blocking applications such as MSN Chat, Yahoo Chat, Chinese and Korean P2P applications, FTP, SSH, Remote Desktop and Remote Log-on and so on.

    Please Help, or Explain why.

    #47844

    Further troubleshooting:

    When I Release & Renew the WAN IP Address, I am able to browse the internet for a period of time. There is no set time.

    At first I thought it was my ISP, but when I disable the Firewall Blocking Rules I do not experience the Browsing issue.
    In addition, my VPN connections remained up (They do not point to IP address, they point to a DNS Name) and I can access the clients and Web interfaces on the other end.

    Again! While the firewall blocking rules are running I cannot browse the internet, but I am able to browse the internal websites. My only issue is browsing the WAN.

    =============
    FIREWALL RULES
    =============

    Chain FORWARD (policy ACCEPT 1 packets, 194 bytes)
    pkts bytes target prot opt in out source destination
    0 0 DROP all -- ETH00 * 0.0.0.0/0 0.0.0.0/0 LAYER7 l7proto rdp
    0 0 DROP all -- ETH00 * 0.0.0.0/0 0.0.0.0/0 LAYER7 l7proto rlogin
    77 14896 dropchain all -- * * 0.0.0.0/0 0.0.0.0/0
    76 14702 bridge00 all -- BRIDGE00 * 0.0.0.0/0 0.0.0.0/0
    1 194 CapPort all -- * * 0.0.0.0/0 0.0.0.0/0

    Chain dropchain (1 references)
    pkts bytes target prot opt in out source destination
    0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 LAYER7 l7proto msn-filetransfer
    0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 LAYER7 l7proto msnmessenger
    0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 LAYER7 l7proto aim
    0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 LAYER7 l7proto aimwebcontent
    0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 LAYER7 l7proto 100bao
    0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 LAYER7 l7proto code_red
    0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 LAYER7 l7proto soribada
    0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 LAYER7 l7proto xunlei
    12 2424 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 LAYER7 l7proto qq
    0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 LAYER7 l7proto hotline
    0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 LAYER7 l7proto yahoo
    0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 LAYER7 l7proto napster
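The listing above is the kind of `iptables -L -v -n` output that shows which rule is actually touching traffic: only the `qq` rule in `dropchain` has a non-zero packet counter, and every Layer7 DROP rule matches protocol `all` from any address to any address, so each of them inspects every forwarded flow, DNS included. A practical way to narrow down an intermittent "browsing stops" symptom is to capture the listing while browsing works, capture it again once it breaks, and compare the counters. The script below is an added example, not part of the post or of ZeroShell; it parses a verbose chain listing into records, reports DROP rules with hits, and diffs two snapshots. The sample listing is constructed from the rules quoted in the post (with iptables' usual `--` in the opt column), and the "later" snapshot is constructed by bumping two counters to show the diff.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Constructed sample: the FORWARD and dropchain listing quoted in the post
# (a subset of the Layer7 rules, enough to show the technique).
SAMPLE_LISTING = """\
Chain FORWARD (policy ACCEPT 1 packets, 194 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DROP       all  --  ETH00  *       0.0.0.0/0            0.0.0.0/0            LAYER7 l7proto rdp
    0     0 DROP       all  --  ETH00  *       0.0.0.0/0            0.0.0.0/0            LAYER7 l7proto rlogin
   77 14896 dropchain  all  --  *      *       0.0.0.0/0            0.0.0.0/0
   76 14702 bridge00   all  --  BRIDGE00 *     0.0.0.0/0            0.0.0.0/0
    1   194 CapPort    all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain dropchain (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0            LAYER7 l7proto msnmessenger
   12  2424 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0            LAYER7 l7proto qq
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0            LAYER7 l7proto yahoo
"""

# Constructed "later" snapshot: the same listing after the symptom reappears,
# with the dropchain jump and the qq rule each having seen 3 more packets.
SAMPLE_LISTING_LATER = (
    SAMPLE_LISTING
    .replace("   77 14896 dropchain", "   80 15502 dropchain")
    .replace("   12  2424 DROP", "   15  3030 DROP")
)


@dataclass
class Rule:
    chain: str
    pkts: int
    bytes_: int
    target: str
    prot: str
    in_if: str
    out_if: str
    source: str
    destination: str
    extra: str  # match text after the destination column, e.g. "LAYER7 l7proto qq"

    @property
    def l7proto(self) -> Optional[str]:
        m = re.search(r"\bl7proto\s+(\S+)", self.extra)
        return m.group(1) if m else None


CHAIN_RE = re.compile(r"^Chain (\S+) \((.*)\)$")
RULE_RE = re.compile(
    r"^\s*(\d+[KMG]?)\s+(\d+[KMG]?)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s*(.*)$"
)


def _count(token: str) -> int:
    """iptables -v abbreviates large counters with K/M/G suffixes; expand them."""
    mult = {"K": 1000, "M": 1_000_000, "G": 1_000_000_000}
    if token[-1] in mult:
        return int(token[:-1]) * mult[token[-1]]
    return int(token)


def parse_listing(text: str) -> List[Rule]:
    """Turn `iptables -L -v -n` style output into Rule records, in listing order."""
    rules: List[Rule] = []
    chain = None
    for line in text.splitlines():
        m = CHAIN_RE.match(line)
        if m:
            chain = m.group(1)
            continue
        if not line.strip() or line.lstrip().startswith("pkts"):
            continue  # blank line or column header
        m = RULE_RE.match(line)
        if m and chain:
            pkts, byts, target, prot, _opt, in_if, out_if, src, dst, extra = m.groups()
            rules.append(Rule(chain, _count(pkts), _count(byts), target, prot,
                              in_if, out_if, src, dst, extra.strip()))
    return rules


def drops_with_hits(rules: List[Rule]) -> List[Rule]:
    """DROP rules whose packet counter is non-zero: the ones actually affecting traffic."""
    return [r for r in rules if r.target == "DROP" and r.pkts > 0]


def unscoped_l7_drops(rules: List[Rule]) -> List[Rule]:
    """Layer7 DROP rules that inspect every flow (protocol 'all', any source, any destination)."""
    return [r for r in rules if r.target == "DROP" and r.l7proto
            and r.prot == "all" and r.source == "0.0.0.0/0" and r.destination == "0.0.0.0/0"]


def counter_delta(before: List[Rule], after: List[Rule]) -> List[Tuple[Rule, int]]:
    """Pair rules by (chain, position) across two snapshots; return those whose pkts grew."""
    def keyed(rules: List[Rule]) -> Dict[Tuple[str, int], Rule]:
        out, pos = {}, {}
        for r in rules:
            pos[r.chain] = pos.get(r.chain, 0) + 1
            out[(r.chain, pos[r.chain])] = r
        return out
    b, a = keyed(before), keyed(after)
    return [(r, r.pkts - b[k].pkts) for k, r in a.items() if k in b and r.pkts > b[k].pkts]


if __name__ == "__main__":
    rules = parse_listing(SAMPLE_LISTING)
    for r in drops_with_hits(rules):
        print(f"{r.chain}: DROP l7proto={r.l7proto} has matched {r.pkts} packets")
    print(f"{len(unscoped_l7_drops(rules))} Layer7 DROP rules inspect every forwarded flow")
    for r, grew in counter_delta(rules, parse_listing(SAMPLE_LISTING_LATER)):
        print(f"{r.chain} -> {r.target} ({r.l7proto or 'no l7 match'}): +{grew} packets")
```

Run it against two real captures taken on the router (before and after the symptom) instead of the constructed strings; a Layer7 DROP whose counter grows at the moment browsing stops is the rule to look at, while no growth at all points away from the firewall and toward something else in the path, such as the DNS forwarders the later posts ended up changing.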

    #47845

    =================
    Continued troubleshooting
    =================

    The issue seems to be linked to OpenDNS.
    I do not subscribe to the OpenDNS Service, but I use their two DNS IP Addresses.
    I consulted with another Admin and he had the same issue with OpenDNS.
    According to his experience with OpenDNS, after about 30 minutes his network loses the ability to browse the Internet (WAN) but is able to browse the Intranet (Local).

    I tried installing the OpenDNS fix and the router crashed.
    I re-built the router and restored the config file.
    I removed the OpenDNS IP Addresses and am again using the local ISP DNS Service.
    I will report the results, good or bad.

    #47846

    For anyone who is interested:

    I removed the OpenDNS IP Address from within DNS / Forwarders and the network clients have not experienced any additional negative issues browsing the Internet (WAN).

    In the Future:
    I would like to use OpenDNS, but before I do I will build a new router, apply all of the patches (including the OpenDNS patch) and then duplicate the existing network. But not at this time.

    The Layer7 blocking rules are working great.

    Thank you Fulvio Riccardi, and thank you ZS

    #47847

    WilliamBondi
    Member

    The rules of blocking internet for different users keep on changing as and when you see the technology changing. As you know how the technology is changing at a great pace, it is important to check the updates and the newer ways of doing so. Keeping updated about these things can really help you a lot in doing this job in the right way. Now there is software like SKEEBLOO available in the market as a LAN and internet blocker. You can find more information on http://www.truetime-applications.com
