Prev: enquiry
Next: Creak Firewall
From: Newman on 10 May 2010 13:46 I have just installed IPCop, along with the Advanced Proxy, and URLFilter. I can't seem to get the Blacklist to work on the URLFilter. If I put an IP address in as "banned", it blocks all access. If I then remove it, access returns. So, I know the URLFilter add-on is in fact working, but I tried a simple test. I added "www.facebook.com" to the blocked URL list on the Blacklist. This does *not* block the access from computers behind the IPCop box. I am a total noob on both Linux, and on IPCop, so any and all help would be greatly appreciated! Thanks
From: Newman on 11 May 2010 10:37 On Mon, 10 May 2010 10:46:16 -0700, Newman <cloakedrun2001(a)yahoo.ca> wrote: >I have just installed IPCop, along with the Advanced Proxy, and >URLFilter. > >I can't seem to get the Blacklist to work on the URLFilter. > >If I put an IP address in as "banned", it blocks all access. If I then >remove it, access returns. > >So, I know the URLFilter add-on is in fact working, but I tried a >simple test. I added "www.facebook.com" to the blocked URL list on the >Blacklist. > >This does *not* block the access from computers behind the IPCop box. > >I am a total noob on both Linux, and on IPCop, so any and all help >would be greatly appreciated! > >Thanks Problem solved! What I discovered though was this: The Scheduler in Advanced Proxy, by default, allows access from Monday to Sunday from 0:00 to 24:00. But that feature is no where near granular enough to be useful. So I turned my attentiuon to the Time Based Access control feature of the URLFilter. The blacklist would *not* work unless I put in a time based access rule to "Block" "custom- blocked" items. However, as soon as I did, I could not get "proxy" access through IPCop. After some consideration, what I did was add a Monday to Sunday, 0:00 to 24:00 rule to allow "proxy" for the entire sub-net. As soon as *that* rule took effect, *then* the URLFilter worked as expected! I just presumed that overall access was allowed by default - which it appeared to be! (decades of using Microsoft products... ;). But it seems that as soon as a restrictive rule is added to the "time restrictions", there is no such presumption of *any* access. Once such access is explicitly defined, then all apprears to work as expected. Once you understand this, then it is actually quite powerful because there is no unknown or hard-coded defaults - you really do have *full* control and can set things up *your* way (as opposed to "bill's" way!). I don't recall reading that in the documentation. Perhaps I missed it.
|
Pages: 1 Prev: enquiry Next: Creak Firewall |