EFW Support

Support => EFW SMTP, HTTP, SIP, FTP Proxy Support => Topic started by: socky on Tuesday 17 April 2012, 02:00:27 am



Title: Bypass transparent proxy to domain name
Post by: socky on Tuesday 17 April 2012, 02:00:27 am
Is it possible to rule out / bypass the transparent proxy for domain name?? Unfortunately the new avast is non-stop connecting to the servers and clutters up my logs. I would like to bypass the proxy or to exclude from logging su.ff.avast.com address. Is it somehow possible?? Domain su.ff.avast.com has variable ip address so i can't bypass transparent proxy to SUBNET/IP.


Title: Re: Bypass transparent proxy to domain name
Post by: socky on Tuesday 17 April 2012, 02:27:54 am
i found at domaintoip.com/ip.php?domain=su.ff.avast.com list of ip's for this domain... if someone want to use it...

64.95.244.56
64.95.244.57
64.95.244.58
195.39.12.51
195.39.12.52
149.7.241.51
149.7.241.52
149.7.241.53
149.7.241.54
72.5.58.51
72.5.58.52
72.5.58.53
72.5.58.54
72.5.58.55
72.5.58.56
72.5.58.57
72.5.58.58
72.5.58.59
72.5.58.60
64.95.244.51
64.95.244.52
64.95.244.53
64.95.244.54
64.95.244.55

but the question how to bypass proxy to domain name is still open ;-)


Title: Re: Bypass transparent proxy to domain name
Post by: endianupdate on Thursday 19 April 2012, 03:28:39 am
Socky

It is not possible to bypass the proxy as such, but you can exclude the domain using a proxy access policy, I have done this as follows;

Proxy > Access Policy > New Access policy

source type : any
destination type : domain
insert domains (one per line) : .avast.com
Access policy : Allow access
Filter profile : none
Position : First position

This will bypass any content filter/antivirus policy that you have setup, not as good as bypassing the proxy fully as the entry will still be logged in the proxy log.

Note that you must enter the domain with a leading . in the access policy

I use the access polices to block downloads for executable files using a block policy for the mime-types;

application/download
application/octet-stream
application/x-cab-compressed
application/x-gtar
application/x-msdos-program
application/x-msdownload
application/x-rar-compressed
application/x-tar
application/zip
application/x-zip-compressed

So I have a policy at position 1 for microsoft, antivirus company etc. allowing the domains, then a policy at position 2 blocking all executable downloads.

Hope this helps.