I’m quite a newbie with firewall and proxy configuration, so
may I ask for some experts’ advice as to how I could fix or deal with the issue
that I’ve been facing for 3 days now? I have Googled already and have done so many
tweaks, but somehow I could not make it work ;(. I wonder if I am doing something
wrong, so I would be glad if somebody would correct me.
I had activated IPFire’s proxy as transparent on Green.
I had set up firewall rules where my goal is to restrict all machines from accessing some sites (social media, gaming sites, etc.) by default, and yet allow access to selected IPs only.
I am attaching the screenshot of my firewall rules and web proxy configuration for you to see.
(Kindly ignore the inactive rules though.)
The LOCAL IP variable here points to a network I created with a value of 192.168.0.0/24,
and ALLOWED IP contains a small group of hosts like 192.168.0.1, 192.168.0.15, 192.168.0.30.
However, with the ALLOWED IP rule running, those under the ALLOWED IP group still can’t access the restricted sites. (??)
To test if each of my rules is indeed working, I deactivated the ALLOWED IP rule and focused on rule number 2 (block all IP from accessing restricted sites). It seems like this rule is running okay, as when I disable or enable it, my testing machine could access, or then could not access, everything.
To test even further, I changed this LOCAL IP value to a single host IP, 192.168.0.50,
and I am quite confused by the result, as 192.168.0.50 could still access everything, even after I restarted the IPFire machine.
And the same result when I use a group of hosts.
In conclusion, I wonder why my rules containing a host or a group of hosts as source won’t work, as opposed to when I use a network 192.168.0.0/24 value? Or am I doing something really wrong here?
IPFire version IPFire 2.25 (x86_64) - core147
Pakfire version 2.25-x86_64
Access to proxy was enabled via my testing machine’s browser proxy setting using port 800.
Thank you in advance for everyone’s help.