Block all traffic on an interface except HTTP/HTTPS (Layer 7)
I'd like to be able to block all traffic on an interface except HTTP/HTTPS. I know that I can simply set up a rule that would block all ports except 80 and 443. But the issue is that if someone is using a P2P program and sets it to one of those ports, that firewall rule won't catch it. How would I go about setting up a rule to only allow web traffic?
If someone establishes an SSL connection, firewalls cannot see inside the tunnel to determine the exact nature of the communication. Sorry.
All of the methods people use to try to examine and filter the contents of HTTPS amount to a MITM attack, which is about the same as breaking HTTPS.
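As an added example that is not part of the question or answer above, the Python below shows what a Layer 7 check on port 443 can and cannot see. It parses only the cleartext TLS record header and ClientHello (including the SNI) to tell a real TLS handshake from an arbitrary protocol squatting on the port; once the handshake completes, nothing further is visible without the MITM the answer describes. The ClientHello bytes and the non-TLS payloads are constructed here, not captured traffic.

```python
import struct


def build_client_hello(sni: str) -> bytes:
    """Constructed sample (not captured traffic): a minimal TLS 1.2 ClientHello with an SNI extension."""
    name = sni.encode()
    # server_name extension: type 0, ext length, list length, name_type 0, name length, name
    sni_ext = struct.pack('!HHHBH', 0, len(name) + 5, len(name) + 3, 0, len(name)) + name
    hello = (b'\x03\x03' + b'\x00' * 32                 # client_version, random
             + b'\x00'                                  # empty session_id
             + struct.pack('!H', 2) + b'\xc0\x2f'       # one cipher suite
             + b'\x01\x00'                              # null compression only
             + struct.pack('!H', len(sni_ext)) + sni_ext)
    handshake = b'\x01' + len(hello).to_bytes(3, 'big') + hello   # type 1 = ClientHello
    return b'\x16\x03\x01' + struct.pack('!H', len(handshake)) + handshake


def tls_client_hello_sni(data: bytes):
    """Return the SNI ('' if absent) when data is a TLS ClientHello record, else None.
    Only the cleartext handshake envelope is inspected; a middlebox cannot look
    further into the tunnel without a MITM."""
    if len(data) < 5 or data[0] != 0x16 or data[1] != 3:   # record type 22, version 3.x
        return None
    rec_len = struct.unpack('!H', data[3:5])[0]
    body = data[5:5 + rec_len]
    if len(body) < 4 or body[0] != 0x01:
        return None
    hs_len = int.from_bytes(body[1:4], 'big')
    if hs_len > len(body) - 4:                              # handshake spans records: not handled here
        return None
    hello = body[4:4 + hs_len]
    try:
        pos = 34                                            # client_version(2) + random(32)
        pos += 1 + hello[pos]                               # session_id
        pos += 2 + struct.unpack('!H', hello[pos:pos + 2])[0]   # cipher_suites
        pos += 1 + hello[pos]                               # compression_methods
        if pos == len(hello):
            return ''                                       # no extensions present
        ext_end = pos + 2 + struct.unpack('!H', hello[pos:pos + 2])[0]
        pos += 2
        while pos + 4 <= ext_end:
            etype, elen = struct.unpack('!HH', hello[pos:pos + 4])
            pos += 4
            if etype == 0:                                  # server_name extension
                name_len = struct.unpack('!H', hello[pos + 3:pos + 5])[0]
                return hello[pos + 5:pos + 5 + name_len].decode('ascii', 'replace')
            pos += elen
        return ''
    except (IndexError, struct.error):
        return None                                         # truncated or malformed ClientHello
```

A rule built on this can reject a non-TLS first packet on 443, but it cannot tell a browser session from any other program that speaks real TLS, which is exactly the limit the answer points out.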