Excluding an url from sensei packet engin

Comments

2 comments

  • Official comment
    Matt

    Hi pizzulicchio, thanks for reaching out. 

    You're looking to completely 'shun' or 'bypass' packet processing for some domain.

    You can exempt VLANs and/or Network Addresses from packet processing. For that, please see 'Exempted VLANs and Networks under Zenarmor Configuration tab.

    However it's not possible to 'shun' a domain.

    Having said that, you can easily find out which URL is causing this problem via Live Blocked Sessions Explorer. This is a live view of blocked sessions. In the same tab, you can easily whitelist the problematic URL:

    https://www.sunnyvalley.io/docs/opnsense/reporting-analytics/live-session-explorer#allowblock-a-connection

    Hope this helps.

     

    Comment actions Permalink
  • pizzulicchio

    Thank you for your response...
    I'm using the free version of zenarmour add-on into my opnsense... so I can't ad a new policy and I can't change the default policy config because this section isn't editable:
    I have used the live session, but as i have already supposed to be, it's not a policy block but a problem into the deep inspection of the packet that "corrupt" something.
    No block in live session appears

    I don't think that with the licensed version i can resolve my problem.
    What test can i do ?

    0
    Comment actions Permalink

Please sign in to leave a comment.