Date: Mon, 12 Mar 2007 13:57:31 -0400 From: Bart Silverstrim <bsilver@chrononomicon.com> To: FreeBSD Mailing Lists <freebsd-questions@freebsd.org> Subject: firewall/proxy question Message-ID: <F583B046-20BF-4073-BB32-7FED0FE10907@chrononomicon.com>
next in thread | raw e-mail | index | archive | help
I am trying to find a way to stop some people on our network from accessing certain websites. We have been using Squid with SquidGuard on an older FreeBSD system. The Squid that was installed from ports doesn't seem to see https: connections. From what I can find, this appears to be normal behavior since https: connections are encrypted. Is there some way to set up ipfw to block access to port 443 if the URL/IP matches a certain address? These users are bypassing our filter rules by accessing a proxy site that is using https. The current ruleset on the box is 00049 allow tcp from <filter machine IP> to any 00050 fwd <filter machine IP>,3128 tcp from any to any 80 00100 allow ip from any to any via lo0 00200 deny ip from any to 127.0.0.0/8 00300 deny ip from 127.0.0.0/8 to any 65000 allow ip from any to any 65535 deny ip from any to any Can someone help with some suggestions? Does the Linux firewall system have a similar way to block access to a particular IP if it were doing forwarding? We were experimenting with a new proxy machine but it is running Ubuntu. -Bart
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?F583B046-20BF-4073-BB32-7FED0FE10907>