Protocol Control FAQs

From UntangleWiki

How do I add a protocol to Protocol Control?

Protocol Control provides numerous default protocols that you can block, but if you want to block a protocol that Protocol Control doesn't list, you must add that protocol. To add a protocol you must provide Protocol Control the protocol's signature. To determine the signature, you must analyze the packets, and this process can be tricky. Contact Untangle Technical Support to request the signature.

I've already installed the Firewall. Isn't Protocol Control redundant?

The Firewall application works to block traffic for IP addresses and/or ports. For well-behaved applications (such as legitimate web and email servers) the port can be used to identify the protocol. However, less legitimate applications may use different ports, or malicious users may deliberately use unwanted services on obscure ports.

Protocol Control scans all traffic, looking for a match even if traffic was not transported across the expected port for that protocol.

I want to block a file sharing protocol for some of my users but not all. How can I do this with Protocol Control?

The Protocol Control cannot by itself filter just for some machines, and not others. However, you can create new Policies and Virtual Racks (See Policy Management) to partition some of your users through Protocol Control with [some file sharing protocol] blocked and not others.