what is the matter with this firewall?? Blocking by hostname is not working

I’m getting very aggravated!! >:(

I am trying to block this host name [b]http://www.mefeedia.com/anchorfree[/b] and I can’t seem to be able to do so!

I have hotspot shield installed and whenever it connects to the internet I am redirected to THEIR search site and I AM TRYING TO BLOCK IT.

I have created rules for every aspect of the program and for firefox

block IP in/out
source address (hostname) http://www.mefeedia.com/anchorfree
destination any
protocol any.

Ok, that doesn’t work, so I created a global rule

Block and log tcp/udp in/out
source address (hostname) http://www.mefeedia.com/anchorfree
destination any
protocol any.

I still get redirected.

So any idea why this is not working?

[attachment deleted by admin]

Added the hostname to the blocked zones. Now it is blocked.

but why wouldn’t an application rule or global rule block it too?

The problem is that you’re attempting to block the entire URL. The hostname is merely the www.mefeedia.com portion.

./anchorfree is evaluated at the server.

Hey aweir

have you tired to stealthen you ports? if you haven’t then this is how you do it. CIS —> Firewall —> Stealth Ports Wizards → Block all incoming connections and make my ports stealth for everytone

I will check the website and come back with results.

Regards,
Valentin

Another thing is specifying a rule in/out with any arrbitrary IP address specified for either source or destination (or both). If the source IP address is in the cloud, how is it posible that can be outbound from the host? Its not, it can only be an out rule. CIS has always been flakey about that. The only time in/out is a valid rule is when source and destination are both any.

Unless inbound is epxlicitely required for any arbitrary app, only oubound rules are required to be specified, i.e., source NIC to dest IP address (and src dest ports as appropriate). As far as the IP protocol, an outbound rule can be either TCP, UDP (0r both), ICMP or by IP (backstop generic protocol).

Stealth ports won’t affect browsing…