Hi,
Core 153.
I have several firewalls out there and URL Filtering does not work on any of them. I have read through the few topics here that might have something to do with this but so far no joy.
I followed this:
Topic 1513 is real similar to my situation except I tried youtube.com
Non of the proxys are set to Transparent.
URL Filter Logs are empty.
These are all corporate networks so DNS/DHCP happen on Linux or Windows server.
Do the clients really communicate for web ( HTTP/HTTPS ) access with the proxy?
With non-transparent mode of Squid this is quite easy to bypass the proxy, if it isn’t blocked by firewall rules.
Happy to be here.
I’m the one trying to set this up and I’m not trying to bypass the proxy.
I added youtube in the Custom Blacklist as a test. I can still get there.
You mentioned firewall rules. The instructions didn’t say anything about that. What firewall rules are you talking about?
Thanks
I will add, be very careful blocking 443. If you get things that refuse to use a proxy they get cut off. I initially blocked 443 trying to force through proxy but had mission critical things get blocked. Really I’m relying on WPAD and the fact that they need admin creds to modify proxy settings to kind of softly keep them on the proxy.
Of course malware or whatever can bypass proxy completely in this case, but I really can’t see a way to solve this.
Ok. Before we go any farther down this rabbit trail, my question isn’t about bypassing the URL filter it is the URL filter is not working and I need help fixing it. I have almost a dozen of these out there and as far as I can tell none of them work.
To set one up:
On the Web Proxy screen check Enable on Green. Do not check Transparent on Green.
On the URL Filter screen check the Block Categories ads: and adv: to block ads on any web page you browse.
Click Save and Restart.
Now when I go to eBay Adblock Plus still shows 8 blocked ads.
or:
Check Enable Custom Blacklist:
Add youtube.com to the blacklist.
You can still get there.
Because it works for others I am obviously doing something wrong.
Help.
@bcrandell Have you set up the proxy settings in your clients? Have you setup WPAD on your DNS and DHCP to enable the clients to auto-configure the proxy settings? Have you ensured that the clients are configured to look for WPAD and auto-configure the proxy settings?
You can’t just enable it in IPFire and expect it to just work, you need to either manually enter the proxy settings on each device or setup proxy auto configuration.
These are my settings and when “porn” is ticked in the URL filter, sites such as porn[.}xxx and bigdick[.]com are blocked but nothing shows in the URL log.
Sounds like the traffic is going through your transparent proxy in that case. Have you configured the proxy on the client devices to use the non-transparent proxy? It is a must do if you want to filter https
and a few other places that if you enabled proxy on the firewall then it funneled all traffic through the proxy.
Not so.
I spent the weekend going over more instructions and several Youtube videos some of which mentioned configuring the workstation to use the proxy. Some didn’t.
Now I know that IPFire is configured correctly. And now that I have the workstations configured filtering is working.
If I could make a suggestion, the second line in the wiki should say something like, “You need to configure the workstation to take advantage of the proxy.”
Now if you will excuse me, my brain is full.
Thanks
Ok. That was painless.
I am configuring wpad. The Synology servers were the simplest. The Linux servers weren’t too bad. Windows is driving me nuts but I’m getting it.
Thanks