Welcome, Guest. Please login or register.
Did you miss your activation email?
Thursday 19 December 2024, 09:55:16 am

Login with username, password and session length

CLICK HERE for the The official Endian Roadmap and Issue tracker
14262 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  EFW SMTP, HTTP, SIP, FTP Proxy Support
| | |-+  Selected blocking of htpps port
0 Members and 2 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Selected blocking of htpps port  (Read 18854 times)
cavillarba
Jr. Member
*
Offline Offline

Posts: 6


« on: Wednesday 17 August 2011, 04:30:33 pm »

Hi,

I setup my endian firewall to block https port except for yahoo mail using the its ip address, but still won't work. (see attached configuration)

Could someone help. Thanks

CESAR
Logged
speccompsol
Full Member
***
Offline Offline

Posts: 44


« Reply #1 on: Thursday 18 August 2011, 12:48:28 am »

You may need to add more of the Yahoo IP Addresses . . . .

Yahoo Mail Server IP Addresses
emailquestions.com/yahoo-mail/2390-yahoo-mail-server-ip-addresses.html

Full List
public.yahoo.com/~carloc/ymail.html
Logged
cavillarba
Jr. Member
*
Offline Offline

Posts: 6


« Reply #2 on: Thursday 18 August 2011, 12:23:22 pm »

Hi speccompsol;

Thanks for your reply. I'm doing the other way around. Instead of disabling the https protocol, i created #2 new firewall rule to deny facebook only and blocking its IP addresses but i noticed that there are varied/dynamic facebook IP's.

The rule i created(see attached), i think it's not working since clients can still access facebook.com.

Pls. help.

CESAR
Logged
Galas
Full Member
***
Offline Offline

Posts: 14


« Reply #3 on: Wednesday 05 October 2011, 04:32:25 am »

Apparently there is no way to succesfully block https to facebook and other urls with the content filtering in proxy settings.
If you block port 443 you can't browse using https, but that means you can't use ANY secure banking website, etc

Im on a similar path than yours, looking for efficient solution.
Logged
rosch
Full Member
***
Offline Offline

Gender: Male
Posts: 20



« Reply #4 on: Wednesday 16 May 2012, 11:41:45 am »

You can successfully block https websites knowing their IP addresses. There can be a lot though. They all have to be put in an outgoing firewall rule.
A nice thing here would be to redirect those accesses to a friendly error page instead of the browser trying to load the page until either the final time-out happens or the page just stays blank.

I have not been able to find a way to only block an outgoing firewall rule by a schedule..I guess that has to be done manually with iptables.
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.078 seconds with 17 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com