Welcome, Guest. Please login or register.
Did you miss your activation email?
Saturday 28 December 2024, 02:12:56 am

Login with username, password and session length

CLICK HERE for the The official Endian Roadmap and Issue tracker
14262 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  General Support
| | |-+  Block specific clients from accessing the Web
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Block specific clients from accessing the Web  (Read 70889 times)
timoteob
Jr. Member
*
Offline Offline

Posts: 9


« on: Wednesday 23 February 2011, 02:26:12 am »

I want to block two clients from accessing the web using Endian.

I tried to create and outgoing firewall rule using the follow parameters:

Source: IP address of clients
Destination:  Red
Service:  HTTP/80
Policy:  Deny

I was sure to apply the rule after creating it, however, the client can still access the web.  Does anyone know how to block this type of traffic?

Thank you in advance.

Timoteo
Logged
jneundorf
Jr. Member
*
Offline Offline

Posts: 2


« Reply #1 on: Saturday 26 February 2011, 08:31:44 am »

This may be a dumb question, but have you checked that the rule you created is list ahead of any other rule that could be overriding it?  I believe it's first rule wins.
Logged
AussieBloke
Full Member
***
Offline Offline

Gender: Male
Posts: 37



« Reply #2 on: Sunday 27 February 2011, 12:54:42 pm »

In addition to jneundorf.

Ensure the client computers use the same IP address. Either manually assign the IP or add it as a reservation. Be aware, the person using the computer can change the IP address and gain access to the internet.

If you want to stop users from accessing the internet, use non transparent proxy.
Logged
timoteob
Jr. Member
*
Offline Offline

Posts: 9


« Reply #3 on: Wednesday 02 March 2011, 12:32:11 am »

jneundorf,

Thank you for replying.  The rule I created was last; for some reason I thought the last rule takes precedence.   I will try moving the rule to the top of the list and see if that makes a difference. 


AussieBloke,

Thank you for the information, I checked Configuration tab under HTTP proxy setting and it is already set to "non-transparent proxy".  Is there some thing else that I must do to get this to work?

Timoteob
Logged
timoteob
Jr. Member
*
Offline Offline

Posts: 9


« Reply #4 on: Wednesday 22 June 2011, 02:23:18 am »

Ok, I figured out the solution to the problem.  I am posting because I hate when these thread hang on with no solution. It seems as though you cannot block HTTP traffic using the out going firewall.  You have to use the HTTP proxy server.  Once I set up an access policy blocking web access for those clients everything worked fine. 
Logged
alex_t
Full Member
***
Offline Offline

Posts: 15


« Reply #5 on: Wednesday 22 June 2011, 10:16:45 pm »

Quote
Source:  HTTP/80
Are you sure, that it shouldn't be Dest: HTTP/80?
Logged
whoiam55
Full Member
***
Offline Offline

Posts: 71



WWW
« Reply #6 on: Thursday 23 June 2011, 01:19:45 am »

You also need to block access from Firewall module.
Logged

सत्यमेव जयते!
timoteob
Jr. Member
*
Offline Offline

Posts: 9


« Reply #7 on: Thursday 23 June 2011, 10:49:44 pm »

Quote
Source:  HTTP/80
Are you sure, that it shouldn't be Dest: HTTP/80?

Ops, I made a typo, it should actually be Service:  HTTP/80

Quote from: whoiam55
You also need to block access from Firewall module.

Thank you for the input, but I am not sure if that is correct.  I completely deleted my original outgoing firewall rule (the one from my first post) when I implemented the HTTP proxy solution and the clients are not able to access the web.
Logged
susantadutta84
Full Member
***
Offline Offline

Posts: 25


« Reply #8 on: Friday 24 June 2011, 03:45:24 pm »

Do the folowing,

1) Create a outgoing firewall rule base on Source
Type *  MAC addresses of client computer because mac address is fixed for each computer.

place the rule in first position.

source - type mac - computer mac address

destination type-  red

in protocol field - select
   
TCP/80 for http  traffic
TCP/443 for https traffic
TCP+UDP/53 - for dns traffic

action - deny

position - first

Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.125 seconds with 19 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com