cancel
Showing results for 
Search instead for 
Did you mean: 
feeeds
Level 9

Rule Logic

Jump to solution

I am using role based access, based on AD membership, and it works great so far.  Running into a rule logic issue, here is my current setup for the problem rule.

line one allow access to url's that match a given whitelist, with action of continue

line two blocks url's whose category is in a category blocklist, with action of block.

How can I allow access to the URL's, but not have the second part of the rule over-ride the first part of the rule?

I am sure this is something easy, like all content in MWG7....

0 Kudos
1 Solution

Accepted Solutions
McAfee Employee

Re: Rule Logic

Jump to solution

You would set the first rule's action to "stop ruleset" which would stop it from processing the second rule (and other rules in the given ruleset).

Alternativley, you could join the rules and say:

IF URL category is in the black list

AND URL is NOT in whitelist

THEN block.

I prefer the first as negative logic (used in second example) is a bit confusing sometimes.

~Jon

0 Kudos
3 Replies
McAfee Employee

Re: Rule Logic

Jump to solution

You would set the first rule's action to "stop ruleset" which would stop it from processing the second rule (and other rules in the given ruleset).

Alternativley, you could join the rules and say:

IF URL category is in the black list

AND URL is NOT in whitelist

THEN block.

I prefer the first as negative logic (used in second example) is a bit confusing sometimes.

~Jon

0 Kudos
feeeds
Level 9

Re: Rule Logic

Jump to solution

thanks Jon,

I had set the rule action as stop cycle, which seemed to work, but stop rule set  seems to work as well.. the difference between the two is hard to grasp.

0 Kudos
McAfee Employee

Re: Rule Logic

Jump to solution

Stop cycle, means stop processing of all rules.

Stop ruleset mean stop processing of rules in a given ruleset.

~jon

0 Kudos