Hello, I need to block porn websites. I turned on the web proxy. Then I turned on the URL filter. Nothing works. What am I doing wrong? Could it be a problem that I’m using a raspberry?
What do you mean by “Nothing works”?
- No internet access?
- Internet access without blocking websites?
Have you configured proxy on the device connecting to IPFire ?
IPFire Green IP adress + port 800
Further down the URL Filter Config page, there is a URL Filter Maintenance section. You must select a blacklist or upload a custom one. Have you done those things?
The simplest solution is to use DNS server 1.1.1.3.
I agree, though many folks here are against filtering DNS servers.
I mean, the filtering doesn’t work. The pages I want to block open. what is meant by “Have you configured proxy on the device connecting to IPFire ?
IPFire Green IP address + port 800”
Where can I get a blacklist? I’ve looked and can’t find any that work. I tried to get it from here Blacklists UT1 but ipfire says it’s not suitable for it
Do you have http and https blocked.
If you do not than users can bypass your proxy.
Or change firewall default behaviour to block.
Than manually configure users to use proxy. Or use wpad.
The default Univ. Toulouse
https://dsi.ut-capitole.fr/blacklists/download/blacklists.tar.gz
works for me
It seems I did everything, but it doesn’t block anything. I also uploaded the black list. I’m attaching a printscreen - can you tell me where I’m making a mistake? Thanks
Which website are you testing?
What browser are you using to view the web pages?
On what system?
How did you configure the proxy?
Here’s an example for Windows 11
Maybe I have bad expectations? I thought that whoever connects to my ipfire should receive such bans. Does this mean that I have to go through all the computers on the network and set proxy settings for everyone? Is that how I understood it? And is it impossible to make everyone who connects to ipfire automatically receive those filters?
See my link above
1 Like
For the wpad to work, you need to set the proxy auto on the devices and some web browser (firefox).
And for Android, on my device, I have to set it with the URL http://ipfire:81/proxy.pac in the Wi-Fi settings.
edit : for some porn sites you need to check adult on IPFire URL filter page
I notice you do not have it showing it updated. or have Enable automatic update: Checked.
The rules have never been downloaded so you have no rules.
and if the user has a DNS hardcoded they can get around this. by hard coding a Public DNS at their computers.
2 Likes
You can force the use of IPFire DNS
And if the proxy and URL Filter are configured correctly, the pages will be blocked.
Regardless of the DNS used.
3 Likes
This and DNS 1.1.1.3 and no Proxy are required.
Apart from that, there are countless ways on the client to bypass any blocks I define on the router if I really want to.
This DNS doesn’t work for me
Edit : Sorry, I forgot to allow this DNS address in my iptables rules.
1 Like