Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Block some websites for Some IP's and Allow Some IP's

    Scheduled Pinned Locked Moved Firewalling
    7 Posts 3 Posters 930 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      muneebkalathil
      last edited by

      I want to block websites like facebook, gmail, webmails, chat sites  etc for some IP.
      For others, I need to enable all the sites.

      How to do this ?
      Squid or firewall rules?

      I tried to do block https  facebook on squid. But the method is not working.

      Please help.

      Thank You

      1 Reply Last reply Reply Quote 0
      • KOMK
        KOM
        last edited by

        Squid + squidGuard + Shalla (or other) blacklist.

        1 Reply Last reply Reply Quote 0
        • M
          muneebkalathil
          last edited by

          Will this block https sites too ?

          Wel actualy  its not wrking for me as expected ?

          and how to allow for some IP's ?

          1 Reply Last reply Reply Quote 0
          • KOMK
            KOM
            last edited by

            Will this block https sites too ?

            It will if you have squid properly configured.

            Wel actualy  its not wrking for me as expected ?

            I'm guessing you don't have it configured properly.

            and how to allow for some IP's ?

            Create a Group ACL in squidGuard and apply different policies to it.  Assign users to that group.

            1 Reply Last reply Reply Quote 0
            • M
              muneebkalathil
              last edited by

              Am using Transparent Mode .

              1 Reply Last reply Reply Quote 0
              • KOMK
                KOM
                last edited by

                Am using Transparent Mode .

                I would recommend you use explicit mode instead.

                1 Reply Last reply Reply Quote 0
                • S
                  spittlbm
                  last edited by

                  You could also do this through the firewall with aliases.

                  We have a small number of machines that we allow to get anywhere.  We created an Alias with their IP's listed and called it Allowed_Outbound.  We set a firewall rule that allows them out and put a rule behind it that blocks everything else.

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.