SA520 - Can't filter web traffic when using content filtering

Unanswered Question
Jul 27th, 2010

When I enable content filtering, the ability to filter web traffic using firewall rules goes away.  As a matter of fact, the outgoing policy can be set to 'Block Always' and all web traffic still goes through if content filtering is on.  Is there any work around for this?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Brian Bergin Wed, 08/18/2010 - 17:35

Even in 1.1.65 there are other things do not work when using content filtering.  From the 1.1.65 Release Notes:

Protocol bindings do not work when content filtering and/or ProtectLink services

are enabled on the router.

Bandwidth profiles do not restrict the following:
• HTTP traffic when content filtering is enabled
• Passive FTP sessions
Workaround For HTTP traffic, disable content filtering. For passive FTP sessions, there is no workaround.

It could be what you've found should be added to the list.

weilia Mon, 08/23/2010 - 14:24

Hi Don,

we are aware of the issue and are likely to address this item in a future firmware release.

Regards,

wei

ValleyITPC Wed, 09/08/2010 - 09:20

I'd also like to add that content filtering appears to be somewhat non-functional even when not using protocol bindings or firewall rules.  It also somehow seems to be affected by your browser's history.

My SA520W, firmware 1.1.42, has no firewall rules set (just default settings), and no protocol bindings set (again just default from the factory).  I also have no add-ons so no Protectlnk or IPS or anything.

Today I tested it by first Enabling Content Filtering.  I then added a Blocked Address (Web Site specified was www.gamespot.com).  After Apply, this worked, I could not go to that site.  So I then turned Content Filtering off, leaving the Blocked Address entry there so I wouldn't have to re-enter it later if I enabled Content filtering again.  I then was able to visit that site so so far the testing was going well.

I then re-Enabled Content Filtering and verified that the Blocked Address section still had that entry for www.gamespot.com.  I tried visiting the website and it STILL let me go there.  I did some further playing around with clearing browser history and/or adding additional items to the content filtering Blocked Address list.  Very inconsistent results - at times the SA520W would block some of the addresses but not all.

What's not happening that makes this behave so?

Has anyone else tested this further?