
Skyhigh Security

Return to Sender

This feature allows outgoing SWG traffic to skip default kernel routing. Each outgoing reply packet:

  1. Has the same source MAC address as the destination MAC address in the request packet.
  2. Has the same destination MAC address as the source MAC address in the request packet.
  3. Is redirected to the interface on which the request arrived, if the reply would otherwise go out on a different interface.

Return To Sender is not applied to:

  • Traffic that is routed using any statically configured routes.
  • Traffic that follows interface-based routes.
  • Outbound connections.

IMPORTANT - You can add a maximum of 200 inbound and 200 outbound IP addresses and ports.

 

  1. Select Configuration > Appliances.
  2. Select Proxies (HTTP(S), FTP, SOCKS, ICAP ...)
  3. In the configuration pane, scroll down to Return To Sender.
  4. Select Return To Sender.
  5. Select Enable Debug Messages of Return to Sender to enable logging in the kernel modules. Then select to enable debug messages on inbound and/or outbound connections: 
    • Enable Debug Messages of Return to Sender On InBound Connections. 
    • Enable Debug Messages of Return to Sender On OutBound Connections. 
    • You can collect the logs on inbound and outbound redirection separately by using the following command: 
      sudo cat /sys/kernel/debug/tracing/trace_pipe > dump.txt
      Open dump.txt to see the messages.
  6. To create new settings, use one of the following methods:
    • Right-click the configuration pane and click Edit. The settings for Return To Sender in the configuration pane appear. 
      You can configure the IP address and port on which Return To Sender is applied, and select if Return To Sender should be applied to inbound only or outbound connections. 
    • Click Add right away.
      The Return To Sender Port window opens.
      You can configure the IP address and port on which Return To Sender is applied, and select if Return To Sender should be applied to inbound only or outbound connections. 
  7. Click OK.

Note: To enable RTS on all ports and IP addresses, add 0.0.0.0:0 (IPv4) and [::]:0 (IPv6) to the RTS table.
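
Before entering a long change list in the UI, the planned entries can be checked against the 200-per-direction limit and the wildcard entries described above. The following is an added example, not Skyhigh code or a product export format; the "<inbound|outbound> <ip:port>" line format and the function names are assumptions made for this illustration.

```python
import ipaddress
from collections import Counter

MAX_PER_DIRECTION = 200  # limit stated on this page

def parse_entry(text):
    """Parse 'a.b.c.d:port' or '[ipv6]:port' and return (ip_object, port)."""
    if text.startswith("["):
        host, sep, port = text[1:].partition("]:")
        ip_cls = ipaddress.IPv6Address
    else:
        host, sep, port = text.rpartition(":")
        ip_cls = ipaddress.IPv4Address
    if not sep or not port.isdigit() or int(port) > 65535:
        raise ValueError(f"expected ip:port or [ipv6]:port, got {text!r}")
    return ip_cls(host), int(port)  # raises ValueError on a bad address

def check_plan(lines):
    """Check planned RTS entries; return (accepted counts per direction, findings)."""
    counts, seen, findings = Counter(), set(), []
    for n, line in enumerate(lines, 1):
        parts = line.split()
        if len(parts) != 2 or parts[0] not in ("inbound", "outbound"):
            findings.append(f"line {n}: expected '<inbound|outbound> <ip:port>'")
            continue
        direction, raw = parts
        try:
            ip, port = parse_entry(raw)
        except ValueError as exc:
            findings.append(f"line {n}: {exc}")
            continue
        if (direction, ip, port) in seen:
            findings.append(f"line {n}: duplicate {direction} entry {raw}")
            continue
        seen.add((direction, ip, port))
        counts[direction] += 1
        if ip.is_unspecified and port == 0:
            # 0.0.0.0:0 and [::]:0 are the "all IPs and ports" entries from the note
            findings.append(f"line {n}: {raw} applies RTS to all IPs and ports")
    for direction, total in counts.items():
        if total > MAX_PER_DIRECTION:
            findings.append(f"{direction}: {total} entries exceed the limit of {MAX_PER_DIRECTION}")
    return counts, findings

if __name__ == "__main__":
    # Constructed sample plan, not taken from a real appliance.
    sample = ["inbound 10.1.1.5:9090", "inbound [2001:db8::10]:9090", "outbound 0.0.0.0:0"]
    print(check_plan(sample))
```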

 
