URL Filter

General questions.
Post Reply
BenSW
Posts: 4
Joined: July 25th, 2019, 11:16 am

URL Filter

Post by BenSW » July 25th, 2019, 11:24 am

Hi Guys,

I'm on the latest version of IP Fire (134) using the URL Filter with no transparent on green. None of the URL filtering is working at all.

Ive ticked SquidClamav URL FIlter and Update Accelerator and all my clients have ipfires address in the proxy settings. I know this bit works as when i remove the proxy settings they cant get on to any sites at all. I have a block all rule on my firewall for 80 and 443.

I can still get to many well known porn sites and social media sites. I'm probably doing something stupid, any help is appreciated.

User avatar
Arne.F
Core Developer
Core Developer
Posts: 8522
Joined: May 7th, 2006, 8:57 am
Location: BS <-> NDH
Contact:

Re: URL Filter

Post by Arne.F » July 25th, 2019, 2:40 pm

If you change the URL Filter categories you have to use "Save+Restart" on the Proxy page to activate it, after enabling it need some time to convert the filter lists to a binary database before it will aktive. (On my system the "porn" category need more than 10min to convert)

Also keep in mind that there is no good free filterlist is available, so many new sites are not in this lists.
Arne

Support the project on the donation!

Image

Image

Image
PS: I will not answer support questions via email and ignore IPFire related messages on my non IPFire.org mail addresses.

BenSW
Posts: 4
Joined: July 25th, 2019, 11:16 am

Re: URL Filter

Post by BenSW » July 26th, 2019, 8:13 am

Hi Arne,

Ive waited for longer than 10 minutes after pressing Save & Restart.

Even the custom blacklist doesn't seem to work. I put a site in their as 'facebook.com' and it still allows me to go to the site.

Hellfire
Posts: 697
Joined: November 8th, 2015, 8:54 am

Re: URL Filter

Post by Hellfire » July 26th, 2019, 8:24 am

Did you exit your browser after changing filters?
Keep in mind that once a session is established, it needs to be restarted, otherwise it will still use old settings.

Michael
Image

BenSW
Posts: 4
Joined: July 25th, 2019, 11:16 am

Re: URL Filter

Post by BenSW » July 26th, 2019, 8:28 am

Hellfire wrote:
July 26th, 2019, 8:24 am
Did you exit your browser after changing filters?
Keep in mind that once a session is established, it needs to be restarted, otherwise it will still use old settings.

Michael

Hi Michael,

Yes, closed browser. Also hit the clear cache on ipfire.
All machines are looking at our domain server for DNS, and in iexplorer they have the proxy set looking at ipfire.

Darkness
Posts: 27
Joined: June 27th, 2019, 6:23 am

Re: URL Filter

Post by Darkness » July 30th, 2019, 6:02 am

I have some issues too, but with my Whitelist.

Some pages works fine, and some others no.

For example: IPFire block the forum.ipfire.org and I have it on Whitelist but i can't access trough the proxy. But I have reddit.com on whitelist too and this work fine.

User avatar
Arne.F
Core Developer
Core Developer
Posts: 8522
Joined: May 7th, 2006, 8:57 am
Location: BS <-> NDH
Contact:

Re: URL Filter

Post by Arne.F » July 30th, 2019, 7:32 am

For example: IPFire block the forum.ipfire.org and I have it on Whitelist but i can't access trough the proxy. But I have reddit.com on whitelist too and this work fine.
Sounds like a DNS Problem. In proxy mode the client doesn't do dns for browsing. It request the proxy "get https://forum.ipfire.org" and the proxy resolve the name and get it. If dns is not working on the IPFire it cannot do this. The whole "ipfire.org" domain is DNSSec signed to make sure that you get the legit server. Check you upstream dns servers and that you can resolve forum.ipfire.org on the IPFire.
Arne

Support the project on the donation!

Image

Image

Image
PS: I will not answer support questions via email and ignore IPFire related messages on my non IPFire.org mail addresses.

josinc
Posts: 3
Joined: March 12th, 2019, 1:49 am

Re: URL Filter

Post by josinc » August 1st, 2019, 4:33 am

Have you blocked connections in Firewall > Firewall Options > Default firewall behaviour > FORWARD ?
You have to block connections in FORWARD and allow connection in OUTGOING.

SmithJ
Posts: 18
Joined: July 4th, 2019, 5:21 pm
Location: USA
Contact:

Re: URL Filter

Post by SmithJ » August 1st, 2019, 7:11 pm

Seems like your're doing something wrong because when you block port 443 & 80 it will each and every user including you and all the bots as well.

BenSW
Posts: 4
Joined: July 25th, 2019, 11:16 am

Re: URL Filter

Post by BenSW » August 14th, 2019, 10:20 am

Still having issues. No idea why its not working, can still get to sites I've added to the block list.

Ive tried changing the forward option to 'BLOCKED'

Post Reply