12-14-2020, 07:28 PM
(12-14-2020, 11:53 AM)paul Wrote: Regarding log files it looks that Movil_Xiaomi_MiA3_Richi where connected with profile ID 4 at 19:48:45 while bind_queries.log shows queries before this time (19:38:53) with profile ID 2.
If Richi profile ID is 4, I think Movil_Xiaomi_MiA3_Richi device is connected with the right profilHie. You should have logs after 19:48:45 in bind_queries.log that contains "view_profile_4".
Hi,
Thanks for your response.
Indeed, it seems that the connection is established with the correct profile, but I don't know why in the log files it seems that the rules of another profile actually apply ...
In the logs after 19:48:45 it can be seen that the rules of the profile ID = 2 are still applying for the ip 192.168.0.128
Code:
11-Dec-2020 20:13:51.127 client @0x2b71c00 192.168.0.128#50064 (vortex.data.microsoft.com): view view_profile_2: query: vortex.data.microsoft.com IN A + (192.168.0.20)
11-Dec-2020 20:13:54.825 client @0x2b71c00 192.168.0.128#50765 (aefd.nelreports.net): view view_profile_2: query: aefd.nelreports.net IN A + (192.168.0.20)
11-Dec-2020 20:14:02.624 client @0x2664b28 192.168.0.128#52266 (music.amazon.com): view view_profile_2: query: music.amazon.com IN A + (192.168.0.20)
11-Dec-2020 20:14:04.294 client @0x260a9a0 192.168.0.128#56949 (vortex.data.microsoft.com): view view_profile_2: query: vortex.data.microsoft.com IN A + (192.168.0.20)
In fact, after some further research, I see that there are some files called acl_profile_{IdProfile} that contain the IPs of the devices that supposedly are assigned to that profile.
I understand that the process that applies the rules must look in these files for the IP of the connection to establish the rules that it must apply ... And curiously, the file acl_profile_2.conf contains the IP of all connected devices, not just those of the devices assigned to the profile.
All the queries in the log file are being done on view_profile_2 and not on the profile that has been assigned to the device.
I have tried to modify these files manually, but it seems that the application modifies them and includes again the IPs that I have deleted ...