Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Shouldnt this rule block http for my LAN Clients ?

    Scheduled Pinned Locked Moved Firewalling
    2 Posts 2 Posters 565 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      Snailkhan
      last edited by

      I have installed squid and squid guard. (squid is in transparent mode .. having few issues there as well but doing googling on it to resolve it)

      i want to block users from accessing internet if all proxy options are cleared in local system so i created a rule to block http traffic as in attached screenshot.
      initially i created a port alias that consisted of  some ports that i wanted to be blocked. (http/https etc) via firewall.
      but it didnt worked so i modified the rule to just block single http port still no luck and clients on lan subnet are still able to access web with no proxy settings.

      ![1 block http.PNG](/public/imported_attachments/1/1 block http.PNG)
      ![1 block http.PNG_thumb](/public/imported_attachments/1/1 block http.PNG_thumb)

      1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator
        last edited by

        So you said you have proxy running in transparent mode, so why would you have to set proxy on a client?  If your proxy was running in explicit mode then you would have to set it on client to talk to the port the proxy is listing on.

        While your rule would block http traffic, many a website run on https.. But when you install proxy in transparent mode, it listens for traffic and uses the proxy

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.