Shivtek
asked on
ACL
Hey Guys,
I am using IPCop-Linux based firewall like m0n0wall and moothwall for my firewall with various addons like advanced proxy, Block out Traffic and URL Filter.
URL filter works using the advanced proxy.
I am able to block domains and url and redirect users to where I want if they go to a restricted site.
Port 80 and 443 are open
Its a windows 2003 server environment, I have disabled all browsers except IE, and entered the proxy settings in the GPO.
Here is what I am trying to do now:
1) block certain domains for http and https access. Currently only http sites are only being blocked while using transparent proxy, https is open. When I disable transparent proxy and enter the proxy setting in the browser, http works like before but https completely stops working, I get a message, "you are not authorized to view this page"
So I would like to block "certain" domains for https and http access both.
2) These addons allow me to enter list of IP's if I want them to be unfiltered. That makes that IP completely free of the block list (access to everything). But I want to instate another list for those unfiltered IP's.
According to what I found on Google and IPCop's forum this is possible using ACL entries with Squid. I am not familiar with Squid ACL's so would like someone to help.
This are the two links I found:
http://www.dageek.co.uk/ipcop/squid/index.htm
http://www.linuxquestions.org/questions/linux-security-4/squid-and-https-sites-522138/
I am using IPCop-Linux based firewall like m0n0wall and moothwall for my firewall with various addons like advanced proxy, Block out Traffic and URL Filter.
URL filter works using the advanced proxy.
I am able to block domains and url and redirect users to where I want if they go to a restricted site.
Port 80 and 443 are open
Its a windows 2003 server environment, I have disabled all browsers except IE, and entered the proxy settings in the GPO.
Here is what I am trying to do now:
1) block certain domains for http and https access. Currently only http sites are only being blocked while using transparent proxy, https is open. When I disable transparent proxy and enter the proxy setting in the browser, http works like before but https completely stops working, I get a message, "you are not authorized to view this page"
So I would like to block "certain" domains for https and http access both.
2) These addons allow me to enter list of IP's if I want them to be unfiltered. That makes that IP completely free of the block list (access to everything). But I want to instate another list for those unfiltered IP's.
According to what I found on Google and IPCop's forum this is possible using ACL entries with Squid. I am not familiar with Squid ACL's so would like someone to help.
This are the two links I found:
http://www.dageek.co.uk/ipcop/squid/index.htm
http://www.linuxquestions.org/questions/linux-security-4/squid-and-https-sites-522138/
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.