Welcome, Guest. Please login or register.
Did you miss your activation email?
Friday 27 December 2024, 11:41:39 pm

Login with username, password and session length

CLICK HERE for the The official Endian Roadmap and Issue tracker
14262 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  EFW SMTP, HTTP, SIP, FTP Proxy Support
| | |-+  HTTPS filtering NOT working on Proxy NON transparent
0 Members and 0 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: HTTPS filtering NOT working on Proxy NON transparent  (Read 23488 times)
Galas
Full Member
***
Offline Offline

Posts: 14


« on: Wednesday 04 February 2015, 01:12:56 am »

Here is my problem.

I have an endian firewal 2.5.1 running on an HP Server Xeon Quad core, 8GB RAM

Suddenly HTTPS filtering no longer works.

For instance, i can't browse http://youtube.com but I CAN browse https://youtube.com

Some more information:

- Port 443 is blocked in firewall, allowed in proxy configuration just like Port 80
- Originally worked as intended. It means something changed and now it doesn't filter https anymore
- There are multiple profiles, some people is allowed to do so, so blocking it with DNS proxy or hosts file is not possible.
- I have another setup very similar to this one, on another site, and works as intended ( filters both http and https versiones of the same website if it's blacklisted)
- I have read other threads with similar problems, but all point out the problem in transparent mode, I am using non transparent and was using it for a while with no problems whatsoever.

Any clue or insights?
Is there something I should look for?

Thanks in advance.
Logged
Galas
Full Member
***
Offline Offline

Posts: 14


« Reply #1 on: Friday 06 February 2015, 11:30:09 pm »

Any insights?
Logged
phqr58
Full Member
***
Offline Offline

Gender: Male
Posts: 31


« Reply #2 on: Wednesday 11 February 2015, 01:37:33 pm »

Endian community 2.5.X does not filter https://youtube.com. What you do is fine by blocking the firewall, but google adds more ip addresses to https://facebook.com https://youtube.com. The work we do is monitor the firewall log and see the ip addresses and add them to the firewall.

These ip addresses have put in outbound firewall to block certain ip addresses.
If you want to block the entire network PROXY DNS is used.
Within these ip addresses are also https://google.com, what I have done is to allow the country just google for example https://www.google.de/

Youtube
50.76.50.112/28
65.201.208.24/29
65.204.104.128/28
66.93.78.176/29
66.92.180.48/28
66.199.37.136/29
66.220.144.0/20
67.200.105.48/30
69.63.176.0/20
69.171.224.0/19
72.21.91.29
74.119.76.0/22
173.252.64.0/18
204.15.20.0/22
201.218.56.216
91.209.243.160
201.218.56.251
216.58.219.77
64.233.185.94
31.13.69.80
31.13.73.1
173.194.113.136
181.198.79.251
181.198.58.29

Facebook

173.194.63.139
173.194.138.74
181.198.58.30
181.198.79.173
216.58.219.100
134.170.165.253
201.218.56.227
201.218.56.238
181.198.79.173
201.218.56.218
31.13.73.1
31.13.65.1
181.198.79.134
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.078 seconds with 18 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com