Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Not applicable

bloking game

hi, i am from turkey an i use fortigate 200a, 60c, and 110c. but we can' t bloking www.hakkarim.net/ games. we blocking site but the site use a little exe program. an we cant blocking. for exe prog i create a rule source-all dest-(site ip adresses) and action block, but site change ip adresses everyday. i think site use a lot of ip adresses (about 100 ip) can you halp me please
9 REPLIES 9
Fullmoon
Contributor III

I checked the app control but it seems I cant see anything pertains to " hakkarim" have you tried to create App Control and set the Category to GAME, Applications set to APPLCATIONS and set the Action to BLOCK. (see the attached file) Apply this App control profile to the the policy (internal-wan) were you want to block hakkarim games. Let us know the result. Thanks

Fortigate Newbie

Fortigate Newbie
hidayet
New Contributor

Hi arsen816, Prohibiting the following ports and addresses you try? From 2500-5000 ports (tcp / udp) 91.191.166.0 95.154.242.0 config webfilter urlfilter edit 1 edit " hakkarim.net" set action block set type regex
http://www.hidayetaltun.com
http://www.hidayetaltun.com
Not applicable

hidayet hocam merhaba, ingilizcem pek iyi değil belki meramımı tam anlatamadım. benim cihaz üzerinde hakkarim için yaptığım ayarlar aşağıdaki gibi bugün için bağlanmıyor hakkarim nete ama 2 gün sonra bir bakıyorsun farklı bir ip ile bağlanıyor. ayrıca app list game all block web üzerinden giriş yok ama programlar özellikle yeni versiyonunda girilebiliyor edit " Hakkarim1" set subnet 91.191.166.0 255.255.255.0 next edit " Hakkarim2" set subnet 95.154.242.0 255.255.255.0 next edit " hakkarimWANip" set subnet 213.128.75.196 255.255.255.255 next edit " hakkarimWANip2" set subnet 213.128.75.198 255.255.255.255 next edit " hakkarimWANip3" set subnet 212.118.234.140 255.255.255.255 next edit " hakkarimWANip4" set subnet 65.54.61.128 255.255.255.255 next edit " hakkarimWANip5" set subnet 213.128.75.228 255.255.255.255 next edit " hakkarimWANip6" set subnet 213.128.75.221 255.255.255.255 next edit " hakkarimWANip7" set subnet 95.154.242.41 255.255.255.255 next edit " hakkarimWANip8" set subnet 95.154.242.42 255.255.255.255 next edit " hakkarimWANip9" set subnet 213.128.75.217 255.255.255.255 next config firewall addrgrp edit " Hakkarim_Ip_Group" set member " Hakkarim1" " Hakkarim2" " hakkarimWANip" " hakkarimWANip2" " hakkarimWANip3" " hakkarimWANip4" " hakkarimWANip5" " hakkarimWANip6" " hakkarimWANip7" " hakkarimWANip8" " hakkarimWANip9" next next edit " hakkarim" set action block set type regex next config firewall service custom edit " hakkarim" set protocol TCP/UDP/SCTP set tcp-portrange 2358 set udp-portrange 2358 set sctp-portrange 2358 next edit " hak2" set protocol TCP/UDP/SCTP set tcp-portrange 2851 set udp-portrange 2851 set sctp-portrange 2851 next edit " hak3" set protocol TCP/UDP/SCTP set tcp-portrange 3196 set udp-portrange 3196 set sctp-portrange 3196 next edit " hak4" set protocol TCP/UDP/SCTP set tcp-portrange 1863 set udp-portrange 1863 set sctp-portrange 1863 next edit 14 set srcintf " dmz2" set dstintf " wan1" set srcaddr " deny group" set dstaddr " all" set schedule " always" set service " ANY" next edit 20 set srcintf " dmz2" set dstintf " wan1" set srcaddr " all" set dstaddr " Hakkarim_Ip_Group" set schedule " always" set service " ANY" edit 21 set srcintf " wan1" set dstintf " dmz2" set srcaddr " Hakkarim_Ip_Group" " deny group" set dstaddr " all" set schedule " always" set service " ANY"
ede_pfau
SuperUser
SuperUser

@hidayet: ' type regex' will conflict with the dot in " hakkarim.net" . Either choose " type simple" or specify " hakkarim\.net" .

Ede

"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
hidayet
New Contributor

you' re right.
http://www.hidayetaltun.com
http://www.hidayetaltun.com
hidayet
New Contributor

Port aralığını biraz geniş tutup denersen olacaktır. Diğer ayarların doğru. tcp/udp 2500-5000 arası portları blocklayıp denermisin
http://www.hidayetaltun.com
http://www.hidayetaltun.com
Not applicable

2500-5000 Portlarını blokladım şimdilik problem yok. bu problem app cont. game listesine eklenemez mi peki teşekürler
hidayet
New Contributor

Durumdan haberdarlar zaten, Belki önümüzdeki günlerde çıkaracakları patch içine ekleyebilirler
http://www.hidayetaltun.com
http://www.hidayetaltun.com
ede_pfau
SuperUser
SuperUser

I' m not picky or anything but this is an international forum with readers from all over the world. Would be nice to let others follow this thread as well who are not capable of speaking Turkish. It might be helpful for them as well. Or switch to private mail.

Ede

"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
Labels
Top Kudoed Authors