Shouldn't this rule block HTTP for my LAN clients?



  • I have installed squid and squid guard. (Squid is in transparent mode; I'm having a few issues there as well, but I'm googling to resolve them.)

    I want to block users from accessing the internet if all proxy options are cleared on the local system, so I created a rule to block http traffic, as in the attached screenshot.
    Initially I created a port alias that consisted of some ports that I wanted to be blocked (http/https etc.) via the firewall,
    but it didn't work, so I modified the rule to block just the single http port. Still no luck, and clients on the LAN subnet are still able to access the web with no proxy settings.

    ![1 block http.PNG](/public/imported_attachments/1/1 block http.PNG)


  • LAYER 8 Global Moderator

    So you said you have a proxy running in transparent mode, so why would you have to set a proxy on a client? If your proxy was running in explicit mode, then you would have to set it on the client to talk to the port the proxy is listening on.

    While your rule would block http traffic, many websites run on https. But when you install a proxy in transparent mode, it listens for traffic and uses the proxy

