Block all access for a specific user - Part II

[JeffVCS]

So...my previous post asking about this, then finding the answer is no longer valid.

My rule has simply stopped working, PCs logged in under the specified username can access other stuff.

I made no changes to the box before the rule stopped working.

My rule looks like this:

Directory Connector: Username is <username>
and
Destination Address is not <IP address of remote server>

I've rebooted the UT box, restarted Application Control, but no luck.

Any thoughts? Or any other way of making a rule like this?

[dmorris]

http://wiki.untangle.com/index.php/A..._Control#Rules

Application Control rules are only run after the classification of a session is complete by the classification engine.
Seeing as you're matching on Username and Destination address (of which neither will change by Application Control classification) you might as well use firewall which will block the session immediately.

Create that rule in firewall, set it to block, verify that you see the username in the status tab in directory connector status, and then try to create a session from that server. That rule should block all sessions except traffic to the specified remote server.

[JeffVCS]

Thanks! I'll give that a shot.