Author Archives: WFilter

WFilter MultiPing: how to ping multiple hosts and get report diagram?

Leave a reply

A new extension of WFilter, multiping, is recently released.

This extension can ping multiple hosts at a time, with a graph statistics. With this extension, you can monitor the network performance of your servers, even for a whole day.

Settings and screenshots of WFilter multiping extension

Define hosts to be monitored.

Diagram of history ping performance.

This extension can be installed in “WFilter Enterprise”, “WFilter Free” and “WFilterROS”.

Homepage: WFilter multiping extension

Document: Graph ping performance of multiple hosts

How to block IDM in network? WFilter added support for blocking IDM.

Leave a reply

Internet Download Manager (IDM) is a Multi-threaded application that
breaks a file into many small parts and starts to simultaneously
download all of these parts. It can consume a lot of your bandwidth when downloading multiple large files.

With WFilter, you can block IDM downloading completely.

The settings are very simple. You only need to edit your blocking policy, and set “IDM” to “Deny” in “Applications”.

In “Connections”, you will see IDM connections are “terminating”.


IDM will report failure in a few seconds.

A protocol description of IDM can be found at: How to block IDM, IDM port and protocol description. Please note that downloading from https with IDM can also be blocked.

Web filter can not block youtube via chrome browser? Try WFilter.

Leave a reply

Since chrome implemented QUIZ to server web requests, it has been a dark period for IT administrators because normal web filter won’t work to filter google/youtube sites. You may check more details at Why is Google’s QUIC Leaving Network Operators in the Dark?   A protocol description of QUIZ can be found at: https://www.chromium.org/quic

Our team has worked out solutions to block QUIZ, so you can get web filter back to working.

For WFilter Enterprise and WFilter Free, you simply need to block UDP port 443 in your router/firewall. Steps to block udp ports can be found at here: http://wiki.wfiltericf.com/Block_udp

For WFilterROS, please check this post: Do not forget to block QUIZ to block youtube and other google sites.

 

Do not forget to block QUIZ to block youtube and other google sites.

Leave a reply

In google chrome, a new protocol named QUIZ, is implemented. The protocol description can be found at https://www.chromium.org/quic

It says QUIZ can improve website performance by 3%. However, because QUIZ is an UDP based encrypted protocol,  domains support QUIZ will not be blocked with WFilter’s web filter.

This issue happens in Chrome browser to Google sites only(including youtube). To make web filter working, you’re recommended to block QUIZ completely.

In pass-by deployment with WFilter Enterprise, you’re recommended to block udp ports “443 -65534″ in your firewall and router.

In WFilterROS, you can block QUIZ in the “app control” module.

Demonstrations of blocking youtube.

When QUIZ is not blocked, you can only see QUIZ traffic when visiting of youtube with chrome.

quic1

Block QUIZ in app control.

quic2

Now “QUIZ” connections are all blocked, and youtube can be blocked by WFilter.

quic3

 

How to block facebook video without blocking facebook?

Leave a reply

Now days, people can not image life without facebook, however, streaming videos in facebook can consume a lot of your bandwidth. Sometimes, you may want to block facebook videos without blocking the entire facebook websites.

WFilter can divide facebook video traffic from other traffic. We defined a new protocol named facebook videos.

This facebook videos protocol can block tls sites fbcdn-creative-a.akamaihd.net, video.xx.fbcdn.net which are hosting facebook streaming.

Steps to setup the blocking policy

1. Edit your blocking policy and click “edit” in “Applications”.

2. Search facebook and set to “status” to “deny”.

Done.

How to use the “punish group” feature in WFilter NG firewall?

Leave a reply

This article will introduce the “punish group” feature of WFilter NG firewall. The punish group is a virtual group, which enables you to:

  • 1. Set punish policies to punished clients. For example: disallow entertainment sites, rate limits to 20K.
  • 2. Add an user to the “punish group” for a limited time.
  • 3. Add multiple users to the “punish group” by WFilter extensions.

Set policies to the punish group

You can set policies to the punish group in “Access Policy” and “Bandwidth”.

“Punish group” is a virtual group. You also can define your own virual group for various temp rules.

Introduction to WFilter NGF’s bandwidth optimize features.

Leave a reply

You will come to the following solutions when your internet bandwidth is insufficient:

Actullay, these three solutions have disadvantages:

  • 1. Without access control, using multiple broadband connections can not bring better experience. It because downloading and streaming can easily consume most of your bandwidth.
  • 2. “Application blocking” can save your bandwidth. However, users experience are impacted. Users will complain about no streaming or downloading.
  • 3. Rate limiting does not optimize your bandwidth. Users will still complain about slow internet speed.

WFilter NG firewall brings a total solution for bandwidth optimization.

1. Powerful access control policy

With “Access Policy” modules, you can block p2p downloading, online streaming, streaming websites. Please check: Access Policy

2. Multi-WAN load balancing and routing

In case you have multiple broadband connections, WFilter NGF’s “Multi-WAN” module can help you to:

  • 1. Load balancing on multiple broadband connections.
  • 2. Setup routing policies. For example, a). business servers are routed to a dedicated connection, b). video sites are routed to another connection.

For more details, please check: Muti-WAN

3. Bandwidth priority

With the “Priority” module, traffic with higher priority goes first. For example, you can set business servers traffic to the highest priority. So even the network is extremly busy, servers bandwidth won’t be influenced.

When installed, there are default rules: email > web > p2p and streaming. You also can customize your own rules.

For more details, please check: bandwidth priority

4. Bandwidth shaper

This module is for you to set bandwidth rate for clients. You can set the rate to ip ranges, user group or department.

Each group have a “maximum bandwidth rate” and “minimum bandwidth rate”. The minimum rate ensures the clients to have this bandwidth rate even the line is busy.

For more details, please check: bandwidth shaper

Try WFilter NGF now: WFilter NG firewall

WFilter NG Firewall, a linux based next generation firewall and routerOS, is released.

Leave a reply

After two years of development, we’re now pleased to announce a new product: “WFilter NG Firewall”, a linux based next generation firewall and routerOS.

WFilter NG Firewall is a routerOS system, which can only be installed in a x86 pc by now. It integrates most features of “WFilter Enterprise”, together with several new features “bandwidth optimizer”, “Multi-WAN”, “user authentication”, “VPN” and others.

WFilter ROS brings you powerful live connection monitoring and access control. Features highlights:

  1. Live connection monitoring and control: you can kill live connections, or add user to the punish group.
  2. URL database supports up to 60+ web categories
  3. Set internet access policy by network, ip address, mac address or username.
  4. Monitor MAC addresses of clients in subnet. Please check: MAC Detector
  5. IP-MAC binding in multi-segments networks. Please check: IP-MAC Binding
  6. Smart bandwidth optimizer and shaper. Please check: Bandwidth Optimizer

Both “enterprise license” or “free license” are supported. The free license is for life-time and has no users limit.

You may download WFilter ROS at: http://www.wfilterngf.com