Welcome, Guest. Please login or register.
Did you miss your activation email?
Monday 30 December 2024, 06:39:41 am

Login with username, password and session length

Visit the official Endian Community Mailinglist  HERE
14262 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  General Support
| | |-+  Bug or Misconfiguration of Firewall
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Bug or Misconfiguration of Firewall  (Read 11535 times)
palash
Jr. Member
*
Offline Offline

Posts: 4


« on: Tuesday 21 February 2012, 11:26:28 pm »


Hello

Since many time I'm facing a bug or miconfiguration I dont know, I kept open the 443 port for all user.

I blocked social sites for all users, but even though they can access the site...

When user input normal address  (ie. example, com) he cant open the site.... But when he append "https" example.com He can access the site.

Have you guys any idea related to my problem?

its snatching my hair now......

Please help me..........
Logged
mrkroket
Hero Member
*****
Offline Offline

Posts: 495


« Reply #1 on: Friday 24 February 2012, 03:17:47 am »

Snatch, snatch.

By design transparent HTTP proxy can't filter HTTPS. Otherwise it would be considered a man in the middle attack.
With transparent proxy, HTTPS is handled by firewall rules, not by proxy rules.

So you need to either block example.com by DNS, or block example.com IP's
Logged
palash
Jr. Member
*
Offline Offline

Posts: 4


« Reply #2 on: Friday 24 February 2012, 04:30:04 pm »

Actually Firewall is filtering the domain(facebook.com, linkedin.com) which are blocked, and user cant access that.

But the problem is that when user append "https" in facebook.com or linkedin.com he can access.

That must not be happen.

do you have any idea?
Logged
mrkroket
Hero Member
*****
Offline Offline

Posts: 495


« Reply #3 on: Saturday 25 February 2012, 02:21:26 am »

That must happen.
 Http is filtered byt transparent proxy, HTTPS is not. Period. If you want to filter out HTTPS you must use non-transparent proxy or do some nasty tweaks on transparent.

http://serverfault.com/questions/211552/filter-ssl-connections-with-squid-proxy
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.078 seconds with 18 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com