Products Partners Download Buy Network About Community Help  

User Guide Overview

Installing/Upgrading Introduction System Requirements Compatibility RAID Support Starting the Install/Upgrade Configuration Options Partitioning and RAID Troubleshooting

Post-Installation - First Boot Network Configuration Web-based Administration System Registration

Network Settings Bandwidth DHCP Server Hosts and DNS Server IP Settings LAN Configuration Multi-WAN Network Tools UPnP Wireless

Firewall 1 to 1 NAT Advanced DMZ Group Manager Incoming Outgoing Peer-to-Peer Port Forwarding

Security Intrusion Detection Intrusion Prevention

Accounts Users Groups Organization Administrators

System Backup and Restore Date Encrypted File Systems Language Running Services Shutdown and Restart SMTP Relay SSL Certificate Manager Webconfig

Backup LAN Backup/Recovery

Database Database

E-mail Antispam Antispam - Dspam Antispam - Training Antivirus Aliases Archive Filters / Greylist Maildrop POP and IMAP SMTP Mail Server Webmail

File and Print Services Flexshare FTP Server Print Server Windows Networking

Filtering and Proxying Access Control Ad and Pop-up Blocker Content Filter Web Proxy

Groupware Groupware Setup

VPN Desktop-to-LAN / PPTP LAN-to-LAN / IPsec OpenVPN

Web Photo Gallery Web Server

Reports Current Status Dashboard Overview Intrusion Detection Logs SMTP Mail Statistics Web Proxy Web Server


Contact Us
  Sales Enquiry
  Tech Support

 
         
  Current Document and Section   Other Documents  
  - Documentation
    - User Guide
   DNS and Domains
Gateway Services Guide
Release Notes
Howtos
  
 

Firewall - Outgoing

Contents

Overview

Firewall Outgoing Information
Description Tool for blocking or allowing (depending on mode) outgoing connections on your network.
Package Name cc-firewall
Configuration Page Network > Firewall > Outgoing

Configuration

From the Firewall Outgoing page, you can block or allow certain kinds of traffic from leaving your network depending on the mode/policy.

 
 

As of ClarkConnect 4.0, it is now possible to reverse the meaning of rules created from the Firewall Outgoing page. The language used in the following documentation has been altered to reflect this change. Users of older ClarkConnect versions can only allow all outgoing traffic by default and then selectively block certain hosts and services. See Choose an Outgoing Mode below for more details.

 
 


This page is useful for blocking/allowing instant messenging, chat, peer-to-peer music dowloads, and more.

You have two ways to block/allow traffic:

  • by destination port/service
  • by destination IP address/domain

Note: If you want to block peer-to-peer file sharing programs like Kazaa and Limewire, you will also want to check the Firewall - Peer-to-Peer section of the user guide.

Choose an Outgoing Mode

As of ClarkConnect 4.0, you can toggle the outgoing traffic mode or policy. All previous versions of ClarkConnect allowed all outgoing traffic by default, only providing the administrator with the ability to specifically block certain hosts or services. With ClarkConnect 4.0 and above, it is possible to block all outgoing traffic by default and only open or allow certain destination domains, ports/services to be contacted.

Image:Ss_firewall_block_outgoing_mode.png

Note: These are the two Outgoing Traffic policies available as of ClarkConnect 4.0.

Outgoing Traffic - By Port/Service

Destination Ports prevents/allows a connection on a particular port/service. For instance, adding port 80 (web) disables/enables web-surfing for your entire local network.

Image:firewalloutgoingports.png

Outgoing Traffic - By Host/Destination

Destination Domains allows you to block/allow certain networks and sites. For instance, if your Outgoing Mode is set to allow all outgoing traffic, blocking windowsupdate.microsoft.com blocks Windows from connecting to the windows update site. Keep in mind, some sites use multiple servers to handle network traffic and are not easily blocked.

Warning! 
  If you block destinations with the firewall bear in mind that users of the proxy may not be blocked. If you require proxy users to be blocked, your best option is to block the destinations using the DansGuardian Content Filter Module.  
 


Image:firewalloutgoingdestinations.png

As of ClarkConnect 4.0, the Block/Allow by Destination form has changed slightly. The standard services drop-down box has been removed and merged into the Destination Ports form illustrated above.

Image:firewalloutgoingdestinations4x.png

Troubleshooting

Links

Retrieved from "http://www.clarkconnect.com/docs/Firewall_-_Outgoing"

This page has been accessed 7,514 times. This page was last modified on 4 January 2008, at 16:00.


 
   
Creative Commons License
This work is licensed under a Creative Commons Attribution-Share Alike 3.0 License.

Company | Contact | Legal | Help | Login