Please help, I’m suffering a mental knot.
Webproxy on green is in conventional, blue transparent. DNS is send all through firewall by the two rules created as wiki says. Now… I did two more rules for passing all http/s traffic from blue/green through firewall - in the same fashion (redirecting). I found in community another solution (blocking http/s from green/ blue to red), but it didn’t work for me and to my liitle knowledge I don’t see how this could work… it’s data, not water.
Now what’s happening in proxy logs is a bit odd, traffic is registered unevenly… For the machines on green (mostly macs) proxy logs/ reports are ok and the url filter is pretty productive. A linux had some glitches but in the end logs normalised. But on blue no way to have proper logs from a bunch of androids and iPads. Sarg also miss web browsing traffic, it shows only some (some) traffic generated by several apps (whatsapp, antivirus)… very few. On the same devices url filtering seems to work though - but again, very few entries on log. I use a hagezi pro list and several hagezi native lists for various brands.
Now, passing the linux from green to blue for testing its logs remains consistent, the traffic in sarg is real, complete, doesn’t miss anything, it works equally consistent.
What do I miss? Why proxy on blue works so unevenly? I checked the config on those devices, but it’s not the case, things are OK… it is transparent so no need to config anything.
My main aim is a proper filtering on all machines for telemetrics/ ads and so… not to find for example a crapy tiktok add nested in shopping apps. Do I need to change firewall rules for http/s? I am lost…
firewall rules for http/s
standard networks: blue/ green
nat: port forwarding > firewall - automatic
destination: firewall - all
protocol: service groups - http/s (created for this purpose)
Thank you.