Cannot block single host or alias? [SOLVED] Now: Block bittorrent
-
You can input host fqdn instead of ip addresses.
Are you setting this rule on lan and putting it on top of allow rules?
Quting again.
I cannot enter www.youtube.com, http://www.youtube.com or youtube.com as host, pfsense says invalid host.
Bug or feature? -
Did you checked if dns defined on pfsense configuration is working?
-
Did you checked if dns defined on pfsense configuration is working?
Where do I do that?
::) -
At console you can do nslookup www.youtube.com
-
ehh man.. I block sites this way
(put blocking rules first before any other rules)
-
Good!
When something is blocked, is there a way of users get a page that informs them of company policy?
Also, is there a way of blocking all torrents?
Best
Kostas
-
Good!
When something is blocked, is there a way of users get a page that informs them of company policy?
Use squid +squidguard or squid+dansguardian
Also, is there a way of blocking all torrents?
Best
Kostas
Probably not. You can try to block .torrent files or pages with squidguard/dansguardian and then redirect to your company policy page.
-
Thank you, and sorry to hijack this thread…
Is squid +squidguard or squid+dansguardian works reliably with multiWAN?
Best regards
Kostas
-
Is squid +squidguard or squid+dansguardian works reliably with multiWAN?
Yes, configure tcp_outgoing_address 127.0.0.1 on squid and then configure a floating rule to balance outgoing http access.
-
Thank you!
What is preferred squid+squidguard or squid+dansguardian?
Where should I configure the floating rule?
What about https? I have now an https failover rule, because of round robin problem with banking sites.
Best regards
Kostas
-
What is preferred squid+squidguard or squid+dansguardian?
it's up to you. squidguard is free and dansguardian can do antivirus as well content filtering
Where should I configure the floating rule?
go on firewall -> rules -> floating
What about https? I have now an https failover rule, because of round robin problem with banking sites.
It's normal on sites that do not accept request from the same session on different ips
