Help Me!! I need block download for extensions HTTP , FTP AND….
-
Hello everyone
I doubt if it is possible to perform these questions using pfSense:
1 -Control of what is being done on my network (using proxyweb, etc..) Report and online.com by hostname, IP, MAC Address;
2- Control of downloads and uploads (HTTP and FTP) by time, size and file extensions;
3- Block Torrent (P2P) in the entire network;
If someone how to resolve these questions could explain to me how to proceed?
-
I think that three packages do all your requirements with flying colors: Squid, Squidguard(or lightsquid) & Snort. Search these and you'll end up finding a lot of info
-
Thanks for the help friend
and the control extension by ftp?
exampleI forbid you to download zip and exe extensions are made via FTP the rest is released
-
I think that you should wait answers from other ones. I can't tell how to configure this, but it might need l4 and l7 all together
-
???
There is the possibility of blocking the ftp squid? If you have to make these settings?
-
Squid is an http proxy it will not help you with ftp.
You would need to use something like ftp-proxy, although I don't think that allows file type control.Steve
Edit: Looks like I'm wrong. :-[
Squid does have some ftp features. -
Seeking information on the internet I see many people saying it's possible but have not found how.
I found this site I tried the process but without success
http://www.labtestproject.com/linux_network/step_by_step_enable_ftp_on_squid_proxy_in_linux_fedora_10.html
PfSense does not exist in a way to accomplish this process? -
You cannot block ftp file extensions. Solutions 1: disable default port to any and just open ports 80/443/53. 2: Use traffic shaper to slow down the download.
Hope this help.
jigp
-
Which part of those instructions could you not do?
Are you usign the squid 3 package?Steve
-
Thanks for the replies
Yes I have to block extension and it worked!
I got through the layer 7
I am now with the following difficulty
How to Block UltraSurf program
there is a PAT to include Layer 7 to block?
To block success got to block port 443 but that brings me more trouble than I want -
Just to confirm: you can block ftp download of specific file types with Squid 3?
Ultrasurf is designed to bypass firewalls so it's very difficult to block. It presumably connects to a proxy server using port 443 since that is almost always unblocked for SSL. The connection is encrypted so it's very hard to use layer 7 filtering. Why are you blocking it?
Steve
Edit: The first hit on Google throws up some useful info though.
-
Solutions 1: disable default port to any and just open ports 80/443/53. 2: Use traffic shaper to slow down the download.
Hope this help.
jigp
Do not open any port, including 53.
your network use your local dns and a proxy server.
set access to 53 only from dns server
Create a rule to allow traffic for proxy server port 3128 if you are using squid.
Create a l7 rule to cathc p2p traffic with 1kbps
if you block p2p, the client will try to use your squid. if you limit p2p the client will try to use it.And at squid.conf edit safe ports to allow only ports you know 80,443, etc exlcude the port range 1024-65535
-
Steve thanks for the help
As you know the squid3 not confirmed! The lock so I could do for l7.
About UltraSurf had already read that document but so far the only way I found to be successful in blocking was blocking all networks.
99.224.0.0/11
63.241.6.64/28
63.242.0.0/16
63.240.0.0/15
218.168.0.0/16
125.176.0.0/12
122.118.0.0/16
69.64.144.0/20
211.109.128.0/24
59.120.0.0/14
59.112.0.0/13
97.112.0.0/13
71.192.0.0/12
219.137.112.224/27
203.112.80.0/20
162.138.0.0/16
170.201.0.0/16
156.40.0.0/16
61.224.0.0/14
61.220.0.0/14
59.120.0.0/14
59.112.0.0/13
220.136.0.0/13
220.132.0.0/14
220.130.0.0/15
220.129.0.0/16
118.168.0.0/16
122.120.0.0/13
118.168.0.0/16
122.120.0.0/13
71.208.0.0/12
61.231.0.0/16
218.160.0.0/16
61.62.74.0/24
72.25.64.0/18
66.245.192.0/18
64.62.138.0/25
64.62.128.0/17
125.224.0.0/13Work but is not an efficient method because tomorrow there may be a new network.
