Great! Let us know of the outcome!
Hi Lewis,
I have blocked Facebook access for GREEN using the following settings.
It works with or without âBlock HTTP and HTTPS portsâ enabled.
But, with this configuration (âTransparent with SSLâ with or without âBlock HTTP and HTTPS portsâ enabled), I have a problem regarding Google Translate (till now) but Iâm sure may be and other dysfunctions regarding sites. I will open another post with this but I want you to know about that.
Thatâs a good FAQ! Remind that with Transparent SSL youâre forced to install the certificate into your client
@vhinzsanchez I have not tried his method, having problems understanding. How do I add all the IP/CIDR? It looks like I have to add one at a time in Firewall Objects>CIDR Subnets, once that done how do I link them all to a group?
@GG_jr gave you method a go, and it didnt work, dont know if I did something wrong.
How do i force my certificate to be installed, I have tried and having no luck. Using Firefox
- Remove from Firefox â Options â Advanced â Certificates â View Certificates, any certificate regarding NS.
- In NS GUI â Web Proxy: right click on âhttp://your_ip/proxy.crtâ and âOpen Link in New Tabâ.
- Save the certificate.
- Import the certificate as Trusted Authorities.
- Restart Firefox (Optional).
Ehi man, those are good explanations! Please take some time to create a new page on our wiki
I found the problem:
Do not enable âBlock porn sites by regular expressions on URLâ.
If you want to block porn sites, choose from âCategoriesâ.
With âBlock porn sites by regular expressions on URLâ enabled, also blocked and this:
http://docs.nethserver.org/en/latest/base_system.html?highlight=services#network-services
when I want to open from here:
Another How To: Problem with ssl bump on Firefox 39+
TIP: If you have installed any AV that scan SSL, disable this option!
Hi everybody,
Another TIP regarding blocking Facebook through Web proxy -> Transparent with SSL and Web filter:
If you want to access different media web sites who have âCommentsâ section made with âFacebook Comments Pluginâ, you will not be able to see or access that section.
This is available for any other combination (Blocking Twitter and Twitter Plugin, âŚ).
Kind regards,
Gabriel
Unfoturnatelly it is whole stystem blocking, but TS ask about how to block certain user. So only firewall rules.
Yes, but even those users will be not able to see that section.
Is the same thing but only for a few users. Or not?
the one way to resolve this problem (for me), was use the iptable:
iptables -I FORWARD -s 192.168.1.1 -p tcp --dport 443 -m string --string âfacebookâ --algo bm -j DROP
Or other case, block all and allow some IP connect.
#Block all
iptables -I FORWARD -p tcp --dport 443 -m string --string âfacebookâ --algo bm -j DROP
#Allow IP
iptables -I FORWARD -s 192.168.1.123 -p tcp --dport 443 -m string --string âfacebookâ --algo bm -j ACCEPT
This way you keep using the transparent proxy without ssl.
RegardsâŚ