bsilver at chrononomicon.com
Mon Mar 12 17:57:39 UTC 2007
I am trying to find a way to stop some people on our network from
accessing certain websites. We have been using Squid with SquidGuard
on an older FreeBSD system.
The Squid that was installed from ports doesn't seem to see https:
connections. From what I can find, this appears to be normal
behavior since https: connections are encrypted.
Is there some way to set up ipfw to block access to port 443 if the
URL/IP matches a certain address? These users are bypassing our
filter rules by accessing a proxy site that is using https. The
current ruleset on the box is
00049 allow tcp from <filter machine IP> to any
00050 fwd <filter machine IP>,3128 tcp from any to any 80
00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
00300 deny ip from 127.0.0.0/8 to any
65000 allow ip from any to any
65535 deny ip from any to any
Can someone help with some suggestions? Does the Linux firewall
system have a similar way to block access to a particular IP if it
were doing forwarding? We were experimenting with a new proxy
machine but it is running Ubuntu.
More information about the freebsd-questions