Complete solution / Content filter question

webfilter
v7
openvpn

(van der merwe) #1

Hi Guys

i am trying to replace our untangle boxes with open vpn site to site connections. Im new at this on top of it.
a) What i need is reporting that integrates with Microsoft active directory so reporting will give usernames and not ip addresses
b) site to site Opven vpn connections for ad and file replication
c) content filtering

what i picked up on the content filtering on neth server is if i go to www.porn.com it gets blocked, but if i go to google, search porn.com i can then open it.

It also does not block xxx videos etc…

I also added a custom group and blocked Facebook but it still opens.

System version
NethServer release 7.4.1708 (Final)
Kernel release
3.10.0-693.5.2.el7.x86_64

Any thought would be appreciated, tnx


(Michael Träumner) #2

Hi @gerrit,
perhaps I can help with content filtering. You wrote

The content filter ufdbguard which is used by nethserver is an url-filter, so it doesn’t metter if you go directly to the site or open it from google. It should block both times.

Did you block also https? If not http://www.facebook.com is blocked, but not https://www.facebook.com.

For content filtering you should use acl’s in squid.conf, but it’s not so easy.


(Markus Neuberger) #3

Hello @gerrit,

This should be possible with NethServer joining your Microsoft AD, authentication proxy and lightsquid.

http://docs.nethserver.org/en/v7/accounts.html?highlight=join#join-an-existing-active-directory-domain
http://docs.nethserver.org/en/v7/web_proxy.html?highlight=proxy#authenticated-mode
http://docs.nethserver.org/en/v7/web_proxy.html?highlight=proxy#report

Openvpn site to site tunnels are possible.

http://docs.nethserver.org/en/v7/vpn.html?highlight=vpn#tunnel-net2net


(Jose G Jimenez S ) #4

How you doing, buddy? have you enabled the use of url expressions?