I’m on core 141. Installed squidclam via pakfire, I see a process running.
Network > web proxy
Network > URL filter
From a client on GREEN, http://www.proxy.com, no blocking. What am I missing?
Try only proxy.com or www.proxy.com
tried both – it does not block.
Strange, i have many custom blacklist entrys all fully funtional. The only diffrent thing is i dont use transparent proxy.
Hey,
Ipfire WebProxy in mode transparent no blocking https webpages. in mode non-transparent blocking all pages, http and https.
There are a lot of threads explaining this.
To block https pages, you must be configure IPfire in non-transparent and configure your web-navigator´s proxy.
https://wiki.ipfire.org/configuration/network/proxy/wui_conf/settings
Regards.
Roberto, thank you for this clarification. I, too, thought IPfire was failing because my IPfire with proxy in transparent mode was failing to block https sites on blacklists.
Can we get the UI updated (in bright color) to highlight that URL filter will not filter https sites if proxy is in transparent mode, please?
Is it possible to change the default behavior to get the transparent proxy to filter https pages? The advent of LetsEncrypt and security means many, many pages are https only now and therefore significantly reducing the effectiveness and control of a transparent proxy.
With a transparent proxy you must break the HTTPS traffic. This is not allowed in many countries and never good practice!
The standard proxy mode gets all HTTP(S) requests with the target URI. Thus it is possible to block/redirect this request without breaking the contents of the packet.
Of course:
With a transparent proxy you must break the HTTPS traffic. This is not allowed in many countries and never good practice!
Thank you for the reminder! (Going back to finish my serving of humble pie now.)