Squid Proxy bypasses firewall rules
-
I have a bunch of firewall rules being made by aliases set by pfBlockerNG, however it seems kinda pointless when Squid Proxy just bypasses the firewall completely...
How can I apply the traffic filtering using the same aliases in the firewall with SquidGuard?
-
It depends how those rules are being applied.
You can apply that as a floating outbound rule using the alias(es) as destination to block Squid.
Steve
-
@stephenw10 thanks, yeah, I worked out my problem.
Because I had a rule at the bottom of floating that blocked anything I didn't specifically allow out, I then was allowing WAN to HTTP/HTTPS for Squid and it was quick matching.
I had to rejig that block-all rule to avoid HTTP/HTTPS so that it allows that traffic by default (no quick rule allow needed for WAN) and then I catch any bad traffic with the explicit deny rules.
Seems to work now.
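
Added example, not part of the thread: a simplified model of pf rule evaluation (last match wins, a `quick` match stops evaluation) showing why a quick allow for HTTP/HTTPS lets Squid's outbound traffic skip the alias deny rules, and how the reworked rule set catches it. The rule order in `BEFORE` is an assumption based on the description above; the alias contents, addresses and all function names are constructed for illustration.

```python
import ipaddress

# Constructed stand-in for a pfBlockerNG alias (documentation address range).
BLOCKLIST = [ipaddress.ip_network("203.0.113.0/24")]
WEB = {80, 443}

def in_alias(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in BLOCKLIST)

def rule(action, quick=False, ports=None, not_ports=None, alias=False):
    return dict(action=action, quick=quick, ports=ports,
                not_ports=not_ports, alias=alias)

def matches(r, ip, port):
    if r["alias"] and not in_alias(ip):
        return False
    if r["ports"] is not None and port not in r["ports"]:
        return False
    if r["not_ports"] is not None and port in r["not_ports"]:
        return False
    return True

def evaluate(rules, ip, port, default="pass"):
    """Simplified pf semantics: last match wins, a quick match ends evaluation."""
    verdict = default
    for r in rules:
        if matches(r, ip, port):
            verdict = r["action"]
            if r["quick"]:
                break
    return verdict

# Assumed original layout: the quick allow is hit before any alias deny.
BEFORE = [rule("pass", quick=True, ports=WEB),    # allow HTTP/HTTPS out for Squid
          rule("block", quick=True, alias=True),  # alias deny, never reached for web
          rule("block")]                          # block everything else
# Reworked layout: explicit denies first, catch-all block skips HTTP/HTTPS.
AFTER = [rule("block", quick=True, alias=True),
         rule("block", not_ports=WEB)]

def squid_verdicts(rules):
    return {"blocklisted:443": evaluate(rules, "203.0.113.10", 443),
            "normal:443": evaluate(rules, "198.51.100.7", 443),
            "normal:25": evaluate(rules, "198.51.100.7", 25)}

if __name__ == "__main__":
    print("before:", squid_verdicts(BEFORE))
    print("after: ", squid_verdicts(AFTER))
```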