Build: 11.0.1~svn20150118r39522release11.0-1wheezy
Kernel: 3.2.0-4-untangle-amd64
Do these firewall filters work with traffic coming from the WAN? I have tried about every combination of *iPhone* and *Mac* and I can't get these firewall filters to ever match.
For example, I am filtering traffic to an apache web server. I only want iPhone clients to be able to access it. My logs grabs the agent string:
70.195.x.x - - [21/May/2015:21:07:22 -0500] "GET squirrel.png HTTP/1.1" 200 666008 "http://domainname.com/" "Mozilla/5.0 (iPhone; CPU iPhone OS 8_3 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12F70 Safari/600.1.4"
but still I can't get these rules to ever match. I have tried *iPhone* *Mac* *X* and even *M* and none of these ever match. It isn't just iPhones either, when I try to match *Mozilla* it still doesn't work even when using browser that should match that string. Anyone have some working examples?
I spun up pfSense and it works fine when I select MAC OS from the firewall list, so it just must be me not understanding how these portions of the firewall work. If I remove the 'http client user agent' requirement, everything works just fine.
Kernel: 3.2.0-4-untangle-amd64
Do these firewall filters work with traffic coming from the WAN? I have tried about every combination of *iPhone* and *Mac* and I can't get these firewall filters to ever match.
For example, I am filtering traffic to an apache web server. I only want iPhone clients to be able to access it. My logs grabs the agent string:
Quote:
70.195.x.x - - [21/May/2015:21:07:22 -0500] "GET squirrel.png HTTP/1.1" 200 666008 "http://domainname.com/" "Mozilla/5.0 (iPhone; CPU iPhone OS 8_3 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12F70 Safari/600.1.4"
I spun up pfSense and it works fine when I select MAC OS from the firewall list, so it just must be me not understanding how these portions of the firewall work. If I remove the 'http client user agent' requirement, everything works just fine.