Results 1 to 9 of 9

Thread: Expert Filter Settings

Hybrid View

  1. #1
    jasperjohns Guest

    Default Expert Filter Settings



    People, as i am new to this forum and ZAPhere goes....



    Ok, i am running a linksys bsfr41 and four puters on a home network connected to net with dsl westell modem. im am running the internal network with the netbeui protocol with file and print sharing bound to it. tcp/ip is up, but file and print sharing is not bound to it. netbios is disabled in all protocols.

    bought Zap, entered the key into my router and installed zap on all 4 puters. all seemingly works fine.

    1.) it is necessary to enter the verizon dns servers to the trusted zone (on my puter and to the setups of the other 3?)

    2.) i am trying to add an expert filter to block AOL and AIM on two puters with internal addys of 192.168.1.101, 192.168.1.102. i set up the expert filter on my puter giving source as those two addys, destination as the AOL addys with port 5190 blocked and set to the specific time of 11:00am-5:00pm, monday thru friday.

    i have tried the same in "programs tab" using the specific programs AOL and AIM. blocking from there.

    Note... i did the above on my puter. the filters seemed to have no effect at all in blocking AOL or AIM on the two above metioned puters.

    i then wetn to the individual puters and made filters in much the same way but using "my Computer" as the source and still no sucess.

    can anyone provide help, suggestions?

    ty

















    Operating System:Windows 98-SE (Second Edition)
    Product Name:ZoneAlarm Pro
    Software Version:4.0

  2. #2
    britneyluvr Guest

    Default Re: Expert Filter Settings



    Some things to remember -

    - Firewall Expert Rules are processed in order UNTIL a match.

    - Program Expert Rules are processed in order. So, if you want to allow x and y in Program Expert Rules, you shoudl allow x, then allow y, then block all as the last rule. (remember to add a DNS rule if the program has no access after this, that's often going to block programs when it gets to the Block All rule.

  3. #3

    Default Re: Expert Filter Settings



    Welcome to the ZA Community Jasper Johns. Do I understand your networking setup as the 4 computers are connected to the router? If you create a Expert Firewall Rule for DNS on each computer, that will cover all programs wanting DNS access on each one of them.

    Ok, follow me whit all of this and I think you will see that the rules are not as hard to create as every one is making them out to be. The rules must be created on the computer's that will be accessing the internet.

    Open one of the expert rules you created to block AOL & AIM and lean back and look at the group boxes Source & Destination. Now think about and visualize what you are wanting to block (hint: source/destination)and where you are blocking it from/to (hint: source/destination).
    1. <LI>You do not need the individual IP addresses entered as the Source, just select My Computer. </LI><LI>Now you are wanting to block them from all internet access correct? To do it your way you need to know all of the IP addresses that AOL uses. So why not setthe destination for each programto Internet Zone?</LI><LI>Unless you know all of the, protocols and ports each program uses you are better off leaving Protocol to the default setting of Any.</LI>


    This should do what you want. Let us know if there needs to be any fine tuning done.

    I forgot to ask, you did set the Action to block didn't you?

    Message Edited by Disciple on 06-27-2003 04:15 PM

  4. #4
    jasperjohns Guest

    Default Re: Expert Filter Settings



    2. Now you are wanting to block them from all internet access correct?

    No, i simply want to block internet access for AOL, AIM. Hours 11:00am - 5:00pm.

    You are saying it is best setting up the rules on each individual computer in the network? Could i not do it from one compter? Does ZAP set rules for the router or is it each individual computer in the network?

    If it's each computer then i see i have two choices too block from expert firewall rules or do it individually to each program (AOL, AIM) from the Program Control Tab.

    Simply blocking port 5190 will block AOL, AIM using ANY as the "destination" .... So on the two computer i want to block AOL, AIM access at the perscribed times it might look like this,,, My Computer, BLOCK, ANY (destination), port 5190... doing that in either the "Firewall Expert" tab or in the "Program Control" tab for both AOL and AIM programs.

    Is there no way to set rules on one puter on the network that apply to the other individual computers?








  5. #5

    Default Re: Expert Filter Settings

    I am going to answer your questions inside of your quoted last post.
    <BLOCKQUOTE><HR>JasperJohns wrote:


    2. Now you are wanting to block them from all internet access correct?

    No, i simply want to block internet access for AOL, AIM. Hours 11:00am - 5:00pm.

    What I meant was to block AOL, AIM from all internet access between 11 am - 5 pm

    You are saying it is best setting up the rules on each individual computer in the network?

    Yes.

    Could i not do it from one compter? Does ZAP set rules for the router or is it each individual computer in the network?

    ZAP only protects the computer it is loaded on, therefore the expert rules are only enforced on the computer that ZAP is running on.

    If it's each computer then i see i have two choices too block from expert firewall rules or do it individually to each program (AOL, AIM) from the Program Control Tab.

    Expert Firewall Rules are applied globally to all programs on the computer that ZAP is running on. Therefore all Allow rules are applied to all programs, and the same for all block rules.

    Simply blocking port 5190 will block AOL, AIM using ANY as the "destination" .... So on the two computer i want to block AOL, AIM access at the perscribed times it might look like this,,, My Computer, BLOCK, ANY (destination), port 5190... doing that in either the "Firewall Expert" tab or in the "Program Control" tab for both AOL and AIM programs.

    Taking what I said above, create Program expert rules for each AOL and AIM on each computer that you want them blocked:
    1. <LI>Action = Block</LI><LI>Source = My Computer</LI><LI>Destination = Any</LI><LI>Protocol = (the port number does not equal the protocol; TCP, UDP, and many more) port numbers are associated with the protocols. That is why I suggested leaving it at the default value of any, it covers all protocols and port numbers.</LI>


    Is there no way to set rules on one puter on the network that apply to the other individual computers?

    I'm afraid not, ZAP does not work that way. <HR>

    </BLOCKQUOTE>You did not say why you are wanting to limit AOL &amp; AIM on just 2 computers for a specified time, and it's really none of my business. But I would suggest creating a password on those 2 computers so that these rules cannot be deleted or circumvented.

  6. #6
    jasperjohns Guest

    Default Re: Expert Filter Settings



    done....

    i set the rules on each computer... for each program and all works fine.

    now i fully understand the workings of zap and how rules apply. i was hoping to avoid running to four computers, but such is life. perhaps in another version all four can be administered from one computer.

    as to the reason... kids... and my way of saying.. "get out of the house, do something. it is summer!

    thank you for the help. appreciated.




  7. #7

    Default Re: Expert Filter Settings

    Good, glad to hear that. Like I said it's none of my business, but I suspected children are part of the equation. That's why I suggested to password ZAP, children are extremely: curious, persistent, and not afraid to push buttons on a computer, and not to mention the computer labs at school. No wonder they are more computer literate thanmost of their parents. I wish you the best, and hope to see you around the community.

    Message Edited by Disciple on 06-27-2003 10:57 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •