USE WITH CAUTION!
IC full bypass
[IC]
firewall_allow_processes = .*example_process\.exe
Example: .*skype\.exe
IP Bypass
[IC]
firewall_allow_addresses = ?\.?\.?\.?
Program bypass
[IC]
firewall_allow_processes = .*??????\.???,
Program bypass by signature (certificate)
[IC]
firewall_allow_processes_certsubject_tcp_udp =.*certificate name,
EX: firewall_allow_processes_certsubject_tcp_udp =.*TeamViewer,.*LogMeIn,.*Elsinore Technologies,
IC Proxy
[IC]
spy_proxy_enable=1
Android full Bypass
+ip4_bypass[]=0.0.0.0/0
Android IP Bypass
+ip4_bypass[]=?.?.?.?
MDM Domain Bypass
+_domain_bypass_exception[]=domain.com
MDM Allow Task Manager (if filter is killed by task-manager then parts of filter/apps might not function properly)
_taskmanager=true
Whatsapp Advanced Config
Caution! This will delete the content in the folders (images/videos). To prevent this back-up the data there on an external source or cloud manually, not through the built in option from Whatsapp
To Block Whatsapp Videos with MDM
_whatsappvideos=false
To Filter Whatsapp Images with MDM
_whatsappimages=false
To Block Whatsapp Images with MDM
_whatsappimagesblocked=true
To Block Whatsapp Status with MDM
_whatsappstatus=false
——————————————————————————————————————————————
_debug_log = Debug
_allow_hotspot = true/false
_otaupdate = true/false (Allows or blocks system updates)
_otaupdateapk = true/false (Allows or block filter app update)
_taskmanager = true/false (Allows or blocks hotspot)
_domain_bypass_exception[]=site.com
Starting with MDM 16 there are some new rules, the most important are:
_use_server = us/eu/ca/is/au (Moves the user to the to the selected filtering server)
Important notice regarding this is if, for example the customer has the filter installed with the US server and was moved on the Canada server using _use_server=ca, even if the _use_server=ca command is removed
from his advanced config, the customer will NOT automatically return to the US server.
In case of issues or customer leaving country the best use will be move the user with _use_server and after that remove the command as soon as you can confirm that the change is active.
iOS Full Bypass
^RULE[]=BYPASS:isInNet(dnsResolve(host), “0.0.0.0”, “0.0.0.0”)
iOS IP Bypass
^RULE[] = BYPASS:isInNet(dnsResolve(host), “***.***.***.***”, “255.255.0.0”)
iOS Domain Bypass
^RULE[] = BYPASS:dnsDomainIs(host, “??????????????”)
iOS URL Bypass
^RULE[] = BYPASS:shExpMatch(url, “*?????????????*”)
iOS URL BLOCK
^RULE[] = BLOCK:shExpMatch(url, “*?????????????*”)