Welcome, Guest. Please login or register.
Did you miss your activation email?
Monday 16 December 2024, 04:34:17 am

Login with username, password and session length

CLICK HERE for the The official Endian Roadmap and Issue tracker
14261 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  General Support
| | |-+  Trouble with Black listing..
0 Members and 0 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Trouble with Black listing..  (Read 18280 times)
ufirst
Full Member
***
Offline Offline

Posts: 12


« on: Monday 10 January 2011, 11:04:20 pm »

Hi i'm using endian  release 2.4.0 &
i'm try to block all the sites except specified 5 sites

first i create a new profile under Contentfilter
then i put that 5 allow sites to  "Allow the following sites"box under Custom black- and whitelists category

but when i testing all sites wear allowed to go
if u can plz try to resolve this problem.. thaks
Logged
mrkroket
Hero Member
*****
Offline Offline

Posts: 495


« Reply #1 on: Tuesday 11 January 2011, 02:45:11 am »

Forget content filter profile.

Just create two rules in HTTP Proxy->Access Policy:

First rule allow the 5 sites (starting with a dot, like .microsoft for any Microsoft subdomain, or the full name for an specified subdomain i.e. www.microsoft.com).
Second rule deny all.

That's all.
Logged
ufirst
Full Member
***
Offline Offline

Posts: 12


« Reply #2 on: Tuesday 11 January 2011, 04:11:44 am »

Forget content filter profile.

Just create two rules in HTTP Proxy->Access Policy:

First rule allow the 5 sites (starting with a dot, like .microsoft for any Microsoft subdomain, or the full name for an specified subdomain i.e. microsoft.com).
Second rule deny all.

That's all.

Thanks Dear mrkroket

I'll put that in to test & cme back to u..   Smiley
Logged
mrkroket
Hero Member
*****
Offline Offline

Posts: 495


« Reply #3 on: Thursday 13 January 2011, 03:46:48 am »

It's a simple rule.
First make sure that you enable the HTTP proxy and set up to transparent mode.

After that go to Proxy->HTTP->Access Policy.
Delete all rules if there is any.

Create a rule:
  Source Type: ANY
  Destination type: domain
   On insert Domains:  .microsoft.com
                                    .google.com
                                   etc etc
   (domains always with a starting dot)
Press Create Policy

Create a second rule:
  Source Type: ANY   
  Destination Type: ANY
  Access Policy: Deny Access
  Position: Last Position

The second one isn't really necessary, just to make sure you block all.
Save and test.
Logged
TheEricHarris
Full Member
***
Offline Offline

Posts: 86


« Reply #4 on: Friday 14 January 2011, 10:41:17 am »

I do this by creating a policy and putting ** in the blocked sites box.  Then I put the sites I want to allow in the allowed list.  Then create an access policy with the ip/network/mac and associate it with the policy you created in step1.
Logged
ufirst
Full Member
***
Offline Offline

Posts: 12


« Reply #5 on: Friday 14 January 2011, 07:09:55 pm »

It's a simple rule.
First make sure that you enable the HTTP proxy and set up to transparent mode.

After that go to Proxy->HTTP->Access Policy.
Delete all rules if there is any.

Create a rule:
  Source Type: ANY
  Destination type: domain
   On insert Domains:  .microsoft.com
                                    .google.com
                                   etc etc
   (domains always with a starting dot)
Press Create Policy

Create a second rule:
  Source Type: ANY   
  Destination Type: ANY
  Access Policy: Deny Access
  Position: Last Position

The second one isn't really necessary, just to make sure you block all.
Save and test.

Thanks Dear mrkroket

It's working great ....
 Smiley Smiley Smiley Grin Grin

i'm really appreciate ur help..
Logged
mza122
Jr. Member
*
Offline Offline

Posts: 1


« Reply #6 on: Friday 09 September 2011, 05:52:34 pm »

Thanks mrkroket, your suggestion worked correctly for me but there is a problem that allowed websites not displaying images..it opening in only text mood and https sites are also not opening, its giving 403 forbidden error for https sites,
plz help
Logged
mrkroket
Hero Member
*****
Offline Offline

Posts: 495


« Reply #7 on: Wednesday 14 September 2011, 12:25:10 am »

On transparent proxy the HTTPS traffic doesn't go through the proxy, it uses the Outgoing Firewall rules.

So you can't filter HTTPS on a transparent proxy (it should be considered a man in the middle attack), you must create the appropiate firewall->Outgoing firewall rules to allow or block https traffic.

About the displaying images, usually modern websites uses 2 domains, one for active content (sending cookies) and another for static content. It saves traffic.
So check if the website aren't using external domains (usually amazon S3 or similar)
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.141 seconds with 21 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com