Blocked-Hosts not working

Murus
Post Reply
mabadjiev
Posts: 2
Joined: Mon Nov 02, 2015 6:16 pm

Blocked-Hosts not working

Post by mabadjiev » Mon Nov 02, 2015 7:13 pm

From the manual, I read:
Group blocked-hosts:
This group can't be deleted or renamed but its content can be modified. You can manually add or remove addresses. This group is blacklisted and cannot be removed from blacklist. All connections from/to contained addresses will be blocked. This group is also used for the interaction between Murus and other applications such as Murus Logs Visualizer, Murus Services and third party apps and/or scripts making use of Murus Agent or other tools. For example if you select an address in Murus Logs Visualizer and choose to black list it, then Murus will put this IP in this special group.

However I entered few IPs on certain services in and out and none of the services were blocked.

Is this a bug or a feature...?

Any help will be greatly appreciated.

Thanks for your time.
Michael Abadjiev

hany
Posts: 445
Joined: Wed Dec 10, 2014 5:20 pm

Re: Blocked-Hosts not working

Post by hany » Mon Nov 02, 2015 7:25 pm

However I entered few IPs on certain services in and out and none of the services were blocked.
I'm sorry but this is not clear. What you mean by "entered few IPs on certain services"? There's no way to "enter IPs on services" in Murus. You can assign groups to services, but not the "blocked-hosts" group. "None of the services were blocked" because that's not the way to block services.
Probably you missed the purpose of this group. This is empty by default, and can be populated manually (adding IPs from murus) or from external apps. IPs included in this group will be completely blocked. It means that all connections from/to this IPs, for all services, are blocked. It is a way to "black list" IP addresses. So there is no specific service involved in this.
If you want to block services you have to manage them and create your custom groups or using all default groups (except "blocked-hosts") like explained in the manual and video tutorials.
I suggest you to have a look at both :)

mabadjiev
Posts: 2
Joined: Mon Nov 02, 2015 6:16 pm

Re: Blocked-Hosts not working

Post by mabadjiev » Wed Nov 04, 2015 3:03 am

Sorry, I was not clear.
So what I did is, I've entered few IP in the 'blocked-hosts' group, but they were not blocked. So I restarted Murus and it worked as expected - they were blocked. I was expecting to be blocked instantly, but realized that the firewall must be notified somehow for these entries. So it's all good now.
Thanks for your fast response.

hany
Posts: 445
Joined: Wed Dec 10, 2014 5:20 pm

Re: Blocked-Hosts not working

Post by hany » Wed Nov 04, 2015 4:23 pm

You are welcome :)
Yes, after adding addresses to a group you have to click PLAY in Murus toolbar to reload PF rules and tables (in this case the only thing we need is to update PF tables, not rules). Usually you have to click PLAY every time you modify something in Murus configuration, in order to apply rules.
One of the few exceptions to this behavior is when blocking addresses from Murus Logs Visualizer. In this case Murus will ask you for confirmation with a dialog, and then will put addresses in both Murus configuration ("blocked-hosts" group) and runtime PF tables without requiring you to click PLAY in the toolbar.

Post Reply