EFW Support

Support => EFW SMTP, HTTP, SIP, FTP Proxy Support => Topic started by: Galas on Wednesday 04 February 2015, 01:12:56 am


Title: HTTPS filtering NOT working on Proxy NON transparent
Post by: Galas on Wednesday 04 February 2015, 01:12:56 am
Here is my problem.

I have an endian firewal 2.5.1 running on an HP Server Xeon Quad core, 8GB RAM

Suddenly HTTPS filtering no longer works.

For instance, i can't browse http://youtube.com but I CAN browse https://youtube.com

Some more information:

- Port 443 is blocked in firewall, allowed in proxy configuration just like Port 80
- Originally worked as intended. It means something changed and now it doesn't filter https anymore
- There are multiple profiles, some people is allowed to do so, so blocking it with DNS proxy or hosts file is not possible.
- I have another setup very similar to this one, on another site, and works as intended ( filters both http and https versiones of the same website if it's blacklisted)
- I have read other threads with similar problems, but all point out the problem in transparent mode, I am using non transparent and was using it for a while with no problems whatsoever.

Any clue or insights?
Is there something I should look for?

Thanks in advance.

Title: Re: HTTPS filtering NOT working on Proxy NON transparent
Post by: Galas on Friday 06 February 2015, 11:30:09 pm
Any insights?

Title: Re: HTTPS filtering NOT working on Proxy NON transparent
Post by: phqr58 on Wednesday 11 February 2015, 01:37:33 pm
Endian community 2.5.X does not filter https://youtube.com. What you do is fine by blocking the firewall, but google adds more ip addresses to https://facebook.com https://youtube.com. The work we do is monitor the firewall log and see the ip addresses and add them to the firewall.

These ip addresses have put in outbound firewall to block certain ip addresses.
If you want to block the entire network PROXY DNS is used.
Within these ip addresses are also https://google.com, what I have done is to allow the country just google for example https://www.google.de/

Youtube
50.76.50.112/28
65.201.208.24/29
65.204.104.128/28
66.93.78.176/29
66.92.180.48/28
66.199.37.136/29
66.220.144.0/20
67.200.105.48/30
69.63.176.0/20
69.171.224.0/19
72.21.91.29
74.119.76.0/22
173.252.64.0/18
204.15.20.0/22
201.218.56.216
91.209.243.160
201.218.56.251
216.58.219.77
64.233.185.94
31.13.69.80
31.13.73.1
173.194.113.136
181.198.79.251
181.198.58.29

Facebook

173.194.63.139
173.194.138.74
181.198.58.30
181.198.79.173
216.58.219.100
134.170.165.253
201.218.56.227
201.218.56.238
181.198.79.173
201.218.56.218
31.13.73.1
31.13.65.1
181.198.79.134


Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media