EFW Support

Support => EFW SMTP, HTTP, SIP, FTP Proxy Support => Topic started by: oshimapt on Tuesday 13 March 2012, 04:48:39 am



Title: HTTP PROXY content filter 2.5.1
Post by: oshimapt on Tuesday 13 March 2012, 04:48:39 am
hello,

i´m testing the endian to use it as http proxy, the problem is that the content filter is not working at all. i don't know why, but it just ignores everything that i put on the black list.

i've created a custom content filter to block, for ex: facebook. it just ignores and i can access the site.
in the firewall menu i blocked all traffic from http and https.

the point is to block all trafic expect some urls. i can't evem block all traffic... please help me

best regards,

Rui Faias


Title: Re: HTTP PROXY content filter 2.5.1
Post by: mangthjik on Tuesday 13 March 2012, 06:10:37 pm
please check at a service menu conten filtering is running.


Title: Re: HTTP PROXY content filter 2.5.1
Post by: AussieBloke on Wednesday 14 March 2012, 01:00:25 am
You have to do 2 things.

1. Create a new Content Filter group. (Avoid modifying the default one). Then make any modifcations to the new Content Filter group. You will have to save the changes & then apply them.
2. Create a Access Policy using the new Content Filter


Title: Re: HTTP PROXY content filter 2.5.1
Post by: oshimapt on Saturday 17 March 2012, 02:27:13 am
i've installed it again from scratch.
it worked for about 20 min..

it was blocking everything less the white listed sits. i dont know how or why it just stoped filtering...


Title: Re: HTTP PROXY content filter 2.5.1
Post by: endianupdate on Thursday 19 April 2012, 04:10:36 am
Normally the content filter works reliably so possibly there is a configuration error on your EFW.

For the proxy (transparent or non transparent) you do not need a firewall rule to allow or deny http as this will be handled by the proxy. So make sure that any rule allowing or denying http is disabled (no green tick)

Then make sure that both the 'content filter' and 'web proxy' services are running

Make sure you have a content filter profile defined, proxy > contentfilter (the default is called content1)
Edit the content1 profile and under 'custom black and whitelists' enter the domain in the 'block the following sites' box e.g. facebook.com
update the profile and apply the settings

Now check you have an access policy for this content filter profile, proxy > access policy, you should have a policy at position 1 like the following;

source type : zone
select source zone : green, orange, blue
destination type : any
access policy : allow access
filter profile : default profile (content1)
enable policy rule
position : first position

create policy and apply the settings

This should now block all access to http://www.facebook.com

You can check the proxy and content filter live logs to make sure you can see the proxy and content filter working

Hope this helps



Title: Re: HTTP PROXY content filter 2.5.1
Post by: stryker101ph on Saturday 05 May 2012, 07:47:27 pm
I got the same problem. I already follow the above instruction but still, the blacklist filter didn't work for me. I could still access the sites listed in my blacklist.


Title: Re: HTTP PROXY content filter 2.5.1
Post by: rosch on Sunday 13 May 2012, 03:15:37 am
I'm having the same problem, the blocklist is not enforced..
I'm using 2.4.1 but the issue might be related.

Unfortunately this is not helping:
Code:
/etc/init.d/emi restart
/etc/init.d/dansguardian restart
Also, bug #2676 is still an issue for me so I guess it's related.
bugs.endian.com/view.php?id=2676


Title: Re: HTTP PROXY content filter 2.5.1
Post by: Di4bLo on Tuesday 09 June 2015, 11:10:26 pm
Probably you have the HTTPS + Proxy issue.

Try to apply the filter to an HTTP website (Facebook is HTTPS). 
HTTPS passes through filters without problems.