Welcome
Welcome to vistafirewallcontrol

You are currently viewing our boards as a guest, which gives you limited access to view most discussions and access our other features. By joining our free community, you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content, and access many other special features. In addition, registered members also see less advertisements. Registration is fast, simple, and absolutely free, so please, join our community today!

Wish: clarify enable/disable

Wish: clarify enable/disable

Postby sp4096 » Sun Feb 12, 2017 4:10 am

In Sphinx, enable means allow traffic. Disable means deny packet, right?
1. Could that be clarified by adding allow/deny words?
2. I'd like to see a third option - disable a rule - sometimes needed for temporary debugging. I may add something, it didn't work, I don't yet want to delete what I added, but would like to have this rule ignored.

Why?
On domains tab it really confuses. The Enable checkbox up top implies enforce/don't enforce(ignore) the rules below. But on each individual domain it means allow/block packets.
Anyway, I come from Kerio, Sunbelt, Outpost, LnS, where the three states exist, so the wording in this firewall still confuses me after a year of use. I bet some people might have the same problem and perhaps it's one reason why some find this firewall confusing.
sp4096
 
Posts: 101
Joined: Tue Apr 26, 2016 2:57 am

Re: Wish: clarify enable/disable

Postby VistaFirewallControl » Sun Feb 12, 2017 2:35 pm

>In Sphinx, enable means allow traffic. Disable means deny packet, right?

Generally right

>1. Could that be clarified by adding allow/deny words?

Actually the final decision may be different.
For instance, enabling rule enables an activity on a level.
Another level (please review the rules precedence for the details) or another firewall can make a block, so the final decision will be blocking.
So strictly speaking “enable” does not mean “allow” unconditionally.


>2. I'd like to see a third option - disable a rule - sometimes needed for temporary debugging. I may add something, it didn't work, I don't yet want to delete what I added, but would like to have this rule ignored.

So just uncheck the rule Name in the Zone Editor and the rule will be ignored.


>On domains tab it really confuses. The Enable checkbox up top implies enforce/don't enforce(ignore) the rules below.

Not only, the check manages by-name rules applied to applications as well.
Every individual domain (by-name) rule can be disabled separately too.

>But on each individual domain it means allow/block packets.

On that level only. It depends on the rules precedence.


>Anyway, I come from Kerio, Sunbelt, Outpost, LnS, where the three states exist, so the wording in this firewall still confuses me after a year of use. I bet some people might have the same problem and perhaps it's one reason why some find this firewall confusing.

The mentioned products were “one-level” ones, there were no options to override the settings and the result the settings were not as flexible as possible.
If you have a specific question please do not hesitate to contact us.
Our genuine purpose is creating the product as flexible as possible to make any security policy feasible.
VistaFirewallControl
Site Admin
 
Posts: 1479
Joined: Fri Mar 27, 2009 11:25 am

Re: Wish: clarify enable/disable

Postby sp4096 » Mon Feb 13, 2017 1:36 am

Re 1. I understand now your meaning when it includes levels that the final result might be not allow. Didn't think about it. But there's still something confising about the wording. Oh, well...
Re 2. Circle with a red dot next to priorities? Seems to be so. It shades things out. I've been concentrating on this whole enable/disable thing in my head that missed this one completely. Still, I think calling it rule enable/rule ignore might be clearer in this one instance.
Re "The mentioned products were “one-level” ones, there were no options to override the settings and the result the settings were not as flexible as possible.
If you have a specific question please do not hesitate to contact us.
Our genuine purpose is creating the product as flexible as possible to make any security policy feasible."
Once you explain things like this, it's clearer. And I can see now about the flexibility you packed into this elegant-compact GUI. It's just I miss some of the points on and off. Perhaps tooltips could have a slightly longer wording on all those buttons.

Long ago I saw a rule evaluation flow diagram related to above and would like to take a better look at it now, and I can't find it :(
sp4096
 
Posts: 101
Joined: Tue Apr 26, 2016 2:57 am

Re: Wish: clarify enable/disable

Postby VistaFirewallControl » Mon Feb 13, 2017 1:01 pm

> But there's still something confising about the wording. Oh, well...

The wording is important, but please take into account that after translation to German, French and Italian the wording may be obfuscated even more.
That’s why Enable/Disable were chosen as the most “translatable”

>Re 2. Circle with a red dot next to priorities? Seems to be so. It shades things out. I've been concentrating on this whole enable/disable thing in my head that missed this one completely. Still, I think calling it rule enable/rule ignore might be clearer in this one instance.

Sorry, did not understand what “Circle with a red dot”.
Could you clarify please?


>Once you explain things like this, it's clearer. And I can see now about the flexibility you packed into this elegant-compact GUI. It's just I miss some of the points on and off. Perhaps tooltips could have a slightly longer wording on all those buttons.

No problem. Which ones should be tooltiped?


>Long ago I saw a rule evaluation flow diagram related to above and would like to take a better look at it now, and I can't find it

Was excluded due to complexity and replaced with a simple plain list as Rules Precedence.
VistaFirewallControl
Site Admin
 
Posts: 1479
Joined: Fri Mar 27, 2009 11:25 am

Re: Wish: clarify enable/disable

Postby sp4096 » Mon Feb 13, 2017 10:31 pm

Re: Diagram "Was excluded due to complexity and replaced with a simple plain list as Rules Precedence."
Yup, gazilion nested IFs I imagine. Still a picture would be fantastic to have. Or two-three linked diagrams to follow a path.

Re: circle and tooltips
Well, two places where I'd like to see tooltip wording change:
On the Applications tab Zone icon - I think of it as Current application rules.
Inside the Zone rules, on a specific rule - "circle with a red dot" is to the right of the trash can, edit, up and down priority arrows :).
This circle I see as process/don't process, or use/don't use, or enforce/don't enforce this one rule.
Not to bee confused with the Result box Enable/Disable option which applies to allow/deny trafic (if this rule is hit in the entire precedence scheme including domains).
sp4096
 
Posts: 101
Joined: Tue Apr 26, 2016 2:57 am

Re: Wish: clarify enable/disable

Postby VistaFirewallControl » Tue Feb 14, 2017 1:21 pm

>Well, two places where I'd like to see tooltip wording change:
>On the Applications tab Zone icon - I think of it as Current application rules.

Precisely, the tool tip expanded and will be available in the next build.


>Inside the Zone rules, on a specific rule - "circle with a red dot" is to the right of the trash can, >edit, up and down priority arrows .
>This circle I see as process/don't process, or use/don't use, or enforce/don't enforce this one rule.
?Not to bee confused with the Result box Enable/Disable option which applies to allow/deny trafic (if this rule is hit in the entire precedence scheme including domains).

Actually Zone result is marked as Zone Result, Result of the rule is place in the Rule Details box.
The red circle is on the top of the entire list (as toolbar), so relates to rules.
Could you offer a better wording?
VistaFirewallControl
Site Admin
 
Posts: 1479
Joined: Fri Mar 27, 2009 11:25 am

Re: Wish: clarify enable/disable

Postby sp4096 » Wed Feb 15, 2017 3:33 am

Re "The red circle is on the top of the entire list (as toolbar), so relates to rules.
Could you offer a better wording?"

Maybe one of these:
use/skip (F3)
use/ignore (F3)
include/exclude (F3)
activate/disactivate (F3) (unactivate? inactivate? - hey, english is not my native language)
use:Yes/use:No
process/skip (F3)
I was trying to use short words to match the compact design of that tooltip. Can't think of any more.

I just noticed that the circle with a red dot is really a circle with a red and green dot :)
sp4096
 
Posts: 101
Joined: Tue Apr 26, 2016 2:57 am

Re: Wish: clarify enable/disable

Postby VistaFirewallControl » Wed Feb 15, 2017 11:15 am

Thank you!
We will try to use one of your suggestions.
VistaFirewallControl
Site Admin
 
Posts: 1479
Joined: Fri Mar 27, 2009 11:25 am


Return to What is VistaFirewallControl, features

Who is online

Users browsing this forum: No registered users and 0 guests

cron
suspicion-preferred