EFW Support

Support => EFW SMTP, HTTP, SIP, FTP Proxy Support => Topic started by: ogramajo on Monday 18 January 2016, 02:31:38 pm



Title: Block Unmatched URL's with non transparent proxy
Post by: ogramajo on Monday 18 January 2016, 02:31:38 pm
Hi everyone, I'm new in this forum, and first I would like to thank you in advance for all your help.

I don't know how to make Endian 3.05 beta1, with non-transparent proxy and NTLM authentication, block unrated sites.

For example, I would like to block the following sites, which have no category in c-icap:

hola.com
ktm.com
etc....

Again, thanks for your help.


Title: Re: Block Unmatched URL's with non transparent proxy
Post by: mrkroket on Tuesday 19 January 2016, 03:12:09 am
There are two ways.
1) Create a rule on HTTP proxy at first (Proxy->HTTP->Access Policy):
   Position: First
   Source: ANY
   Destination Type: Domain
   Domains (one per line): .hola.com , .ktm.com ,
   Access Policy: deny
Please note that you must add a dot at the start of the domain. Also, it's very important that you don't mix domains and subdomains. If you use .hola.com, don't put either hola.com or vpn.hola.com or anything like that. It will break Squid and it won't start (even if the GUI says so).

2) Add a custom blacklist on Webfilter Profiles:
On Proxy->HTTP->Web Filter, edit the web profile and search for the "Custom black- and whitelists" section. Add hola.com and ktm.com on the right side (Block the following sites). Here you don't need to add the dot at the start.
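
The domain/subdomain overlap that the reply above warns about can be checked before a list is pasted into the Access Policy rule. This is an added example, not code from the thread or from Endian; the function names are hypothetical and the sample list is constructed.

```python
import re

def normalize(raw):
    """Split a pasted list on newlines, spaces or commas; lowercase; drop empties."""
    tokens = (t.lower().rstrip(".") for t in re.split(r"[\s,]+", raw))
    return [t for t in tokens if t]

def find_conflicts(entries):
    """Return (entry, covering_entry) pairs.

    An entry conflicts when a dotted entry such as ".hola.com" already covers
    it ("hola.com", "vpn.hola.com", ".vpn.hola.com"), or when it is an exact
    duplicate of an earlier entry (reported as (entry, entry)).
    """
    wildcards = {e for e in entries if e.startswith(".")}
    seen, conflicts = set(), []
    for entry in entries:
        if entry in seen:
            conflicts.append((entry, entry))
            continue
        seen.add(entry)
        labels = entry.lstrip(".").split(".")
        # Walk every suffix: vpn.hola.com -> .vpn.hola.com, .hola.com, .com
        for i in range(len(labels)):
            parent = "." + ".".join(labels[i:])
            if parent != entry and parent in wildcards:
                conflicts.append((entry, parent))
                break
    return conflicts

def minimal_list(entries):
    """Drop covered entries and duplicates, keeping the original order."""
    covered = {e for e, parent in find_conflicts(entries) if parent != e}
    result = []
    for entry in entries:
        if entry not in covered and entry not in result:
            result.append(entry)
    return result

if __name__ == "__main__":
    # Constructed sample: the mix of domain and subdomain described in the reply.
    sample = ".hola.com , hola.com\nvpn.hola.com\n.ktm.com ,"
    entries = normalize(sample)
    for entry, parent in find_conflicts(entries):
        print(f"conflict: {entry!r} is already covered by {parent!r}")
    print("safe list:", minimal_list(entries))
```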


Title: Re: Block Unmatched URL's with non transparent proxy
Post by: ogramajo on Tuesday 19 January 2016, 10:40:42 am
Thanks for your help, mrkroket.

The thing is that I don't know all the domains I want to block.

What I want to do is to only allow domains that are within the allowed categories in the webfilter section. What's not working for me is that the domains I mentioned before are not listed in any category on the webfilter and they are still allowed.

Sorry if I'm not being clear enough. Again, thanks for your help.


Title: Re: Block Unmatched URL's with non transparent proxy
Post by: mrkroket on Tuesday 19 January 2016, 01:28:25 pm
What you need should work this way:
1-Create your webfilter profile. Only allow what you need, and block the rest.
2-Create a rule, Source: ALL, Dest: ALL, Access Policy: Allow, Filter: The one you created. Authentication: User/Group, depends on your NTLM settings
3-This is not necessary, but just in case. Create a second rule to deny ALL, on 2nd position.
4-Apply changes.

I must warn you that the standard urlfilters on Endian Firewall are very basic; they don't catch a lot.
If you need updated urlfilters you should check for better filters and replace the ones in /var/signatures/urlfilter/blacklists.
What I did some time ago was to add many different urlfilters to Endian.
For example, download new url filters from http://www.urlblacklist.com/ (only once for free!!), http://www.shallalist.de/ or others, and replace the files on blacklist. Don't delete, just replace or add new ones.