GFI Software

Welcome to the GFI Software community forum! For support please open a ticket from https://support.gfi.com.

Home » GFI User Forums » Kerio Control » Performance request - bind traffic rules to interfaces
Performance request - bind traffic rules to interfaces [message #152381] Fri, 05 August 2022 16:30
tverweij is currently offline  tverweij
Messages: 32
Registered: March 2010
Location: Curacao
The traffic rules have now a source, a destination and an action.

In a lot of cases, I have rules on an IP Group as source.
I all of those cases I know where those connections come from (most of the time: Internet interfaces), but I have no way to specify this.
And because I can not specify this, the traffic rule is checked for all interfaces - and those checks cost performance.

An example:

Source: IPGroup "My Blocked addresses"
Destination: Firewall
Action: Drop

I know that those blocked addresses will always come from the internet, but when I make a connection from a trusted interface to the internet, this rule is executed, wasting resources.

To solve this, we need an extra column where we can specify the interfaces that this rule is bound to (default any interface), so we can prevent processing for no reason.
Previous Topic: Kerio as VPN Client
Goto Forum:
  


Current Time: Thu Aug 18 17:54:04 CEST 2022

Total time taken to generate the page: 0.02864 seconds