I have enabled web proxy in ipfire, but neither clamav or url filtering seem to work. I believe I have to enable web proxy in widows 11 itself? Where do I find the ip adress of the web proxy in ipfire? Sorry I’m a bit of a computer illiterate…
Hello and welcome here. The IP is the IP of the GREEN interface. The port depends on whether you have enabled transparent proxy or not. If you don‘t have it enabled then the port is set on the proxy page in ipfire. Per default it is 3128 (squid standard).
In case you don‘t know it yet ipfire has a great wiki which explains much and gives links for further reading. Here is the part for the web proxy: https://wiki.ipfire.org/configuration/network/proxy
2 Likes
Thank you!
Actually, after setting windows 11 web proxy to green ip and port 800, I can block specific url:s in url filter settings, but none of the preselected categories are blocked. Also, clam av doesn’t work, as I can download eicar files without problems (HTTP). Any ideas?
Since nowadays most traffic is https the filtering - especially clamav - isn‘t really feasable anymore. I haven‘t dug into it but have the same results you see. There is just the odd adblock notice in the log but nothing else. The only blacklist I have available is the one from the Toulouse university though last time I checked. So I use the proxy as cache and be done with it.
But if you find a solution that makes it working I‘m all ears.
1 Like
Well, thanks for letting me know I’m not the only one.
The only way to change that would be a proxy that breaks the tls encryption to inspect the payload. While squid has that capability @ms did argue strongly against it. As that procedure technically is a man-in-the-middle attack it completely breaks any chain of trust between the user and the visited site. And it opens its own can of worms (self signed certificates for example). In the end you‘ll probably lose more than you gain so better leave it be.
Since core update 90, SSL-Bump has been removed from squid for security reasons, therefore it is not possible in IPFire to have Squid inspecting the payload.
2 Likes