Firewall block can not works normally with 'contains ' rule

firewall
#1

Firewall block can not works normally with 'contains ’ rule.

Below is the rule exp:

(not ip.geoip.country in {“CN”} and http.request.full_uri contains “admin.”)

block

It will alow all access to ‘admin.*.com’ not matter whether I change my ip from CN to US
Do you have any ideas . Thanks.

#2

So you want to block all countries, except for China, for admin.?

Just two notes. If you only want to exclude China ne might be better than not in and if you want to filter the hostname http.host would be better than http.request.full_uri.

(ip.geoip.country ne "CN" and http.host contains "admin.")

Assuming that rule wont work for you either, can you post the actual URL you want to protect?

#3

After use your rule and I change IP to de, it still does not change the access to that url.

#4

Are you sure the rule is enabled and the host in question is proxied?

#5

Yes. It is ‘on’.

#6

Only if I remove ’ contains’ , it works

#7

Well, without the URL it is impossible to say more.

#8

admin url

Ok,The url is above.
the rule is on bellow

(ip.geoip.country ne “CN” and http.host contains “admin”)

BLOCK

#9

It appears the block works just fine.

#10

Thanks. It works now . Using VPN may be better than Using proxy to to change IP for seeing the result.

closed #11

This topic was automatically closed after 30 days. New replies are no longer allowed.