PfBlockerNG filter traffic going through transparent Squid-Proxy

  • Hi,

    I am using Squid as a transparent SSL proxy and would like to use pfBlocker-ng to limit access to domains and IP addresses on pre-defined whitelists only. The transparent SSL proxy is necessary as SSL limits Suricata IPS' ability to filter traffic properly. However, the problem is that I can't find a way for pfBlocker-ng to filter traffic going through the proxy. That is why I have the following question:

    How can I configure pfBlocker-ng to block traffic to all domains and IP addresses (both when the connection is encrypted and when it's not) that aren't on a specific whitelist, while keeping the Squid MITM proxy and the firewall rule blocking traffic that isn't going through the proxy active?

    Any help is greatly appreciated.
