Blocking a site permanently
2Modify the default
preferences.
For a description of each control,
3Click OK.
Blocking a site permanently
The WatchGuard
Use Policy Manager to block a site permanently. The default configuration blocks three network addresses – 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16. These are the “unconnected” network addresses. Because they are for private use, backbone routers should never pass traffic with these addresses in the source or destination field of an IP packet. Traffic from one of these addresses is almost certainly a spoofed or otherwise suspect address. RFCs 1918, 1627, and 1597 cover the use of these addresses.
The Blocked Sites list applies only to traffic on the External interface. Connections between the Trusted and Optional interfaces are not subject to the Blocked Sites list.
From the Policy Manager:
1On the toolbar, click the Blocked Sites icon.
You can also select Setup => Blocked Sites. The Blocked Sites dialog box appears.
2Click Add.
3Use the Choose Type drop list to select a member type.
4Enter the member value.
Depending on the member type, the value can be an IP address, host name, or username.
5Click OK.
The Blocked Sites dialog box appears, displaying the new member in the Blocked Sites list.
Removing a blocked site
From the Blocked Sites dialog box, select the site to remove, and then click Remove.
Changing the auto-block duration
From the Blocked Sites dialog box, either type or use the scroll control to change the duration, in minutes, that the firewall automatically blocks suspect sites. Duration can range from 1 to 32,767 minutes (about 22 days).
Logging and notification for blocked sites
From the Blocked Sites dialog box:
1Click Logging.
The Logging and Notification dialog box appears.
44
