Feature #8171

Close TCP connections if associated rule just has been disabled

Added by csphoenix1 X 11 months ago.

Status: New
Priority: Normal
Assignee: -
Category: Rules/NAT
Target version:
Start date: 12/07/2017
Due date:
% Done: 0%
Estimated time:

Description

Hi!

Sometimes, I need to block a machine to prevent it from having access to the internet.

The problem is that if the machine has already opened a TCP session with a machine on the Internet, creating a "block rule" will not kill the TCP session, and the machine will still have access to the internet.

So, I was thinking about a feature that could propose to kill the open TCP connections which don't match a "pass rule"?
That way, I would be sure that there will be absolutely no "illegal" TCP sessions which don't respect the current rule policy.

PS: I saw the "Reset States" feature in the Diagnostics > States page, but this feature kills ALL the open TCP sessions, so it's problematic for "legal" TCP sessions that are open.

Thank you!

:)
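An added example, not part of the original ticket and not pfSense project code: after a block rule is added, the states belonging to the one blocked host can be listed and cleared with `pfctl -k` instead of resetting the whole state table. The addresses, the function names and the sample state lines (constructed, in the layout assumed for `pfctl -ss` output) are illustrative.

```shell
#!/bin/sh
# Constructed sample in the layout assumed for `pfctl -ss` output.
# On a live firewall, pipe `pfctl -ss` into tcp_states_for_host instead.
SAMPLE_STATES='all tcp 192.168.1.50:51514 -> 198.51.100.7:443       ESTABLISHED:ESTABLISHED
all tcp 203.0.113.2:40112 (192.168.1.50:51514) -> 198.51.100.7:443       ESTABLISHED:ESTABLISHED
all tcp 192.168.1.60:49822 -> 198.51.100.9:22       ESTABLISHED:ESTABLISHED
all udp 192.168.1.50:5353 -> 224.0.0.251:5353       SINGLE:NO_TRAFFIC
all tcp 192.168.1.5:50000 -> 198.51.100.7:443       ESTABLISHED:ESTABLISHED'

# Print the TCP states in which host $1 appears, before or after NAT.
# The comparison is exact, so 192.168.1.5 does not match 192.168.1.50.
tcp_states_for_host() {
    awk -v host="$1" '
        $2 == "tcp" {
            for (i = 3; i <= NF; i++) {
                addr = $i
                gsub(/[()]/, "", addr)      # NAT-translated address is shown in parentheses
                sub(/:[0-9]+$/, "", addr)   # drop the port (IPv4 layout)
                if (addr == host) { print; next }
            }
        }'
}

# Clear only the states of host $1. Dry run by default: the commands are
# printed; set APPLY=1 to execute them on the firewall.
kill_states_for_host() {
    host="$1"
    if [ "${APPLY:-0}" = "1" ]; then
        pfctl -k "$host"                # states originating from the host
        pfctl -k 0.0.0.0/0 -k "$host"   # states from anywhere to the host
    else
        echo "pfctl -k $host"
        echo "pfctl -k 0.0.0.0/0 -k $host"
    fi
}

# Demo on the constructed sample: list the blocked host's TCP states,
# then show the commands that would clear them.
printf '%s\n' "$SAMPLE_STATES" | tcp_states_for_host 192.168.1.50
kill_states_for_host 192.168.1.50
```

States of other hosts, such as 192.168.1.60 in the sample, are left untouched, which is the difference from "Reset States".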
