How I can unblock this category in-addr, whe I put a IP address I can not go…
It’s the option “Block access to web sites using ip address”
@dnutan what do you think about removing that “Block access to web sites using ip address” option completely?
It was born as a way to stop malware that connected using ip addresses, but malware evolves rapidly and, while I don’t have actual stats, I think that it is no longer effective.
On the other side, transparent ssl proxy uses connect to ip addresses and can be affected if this option is on.
Finally, it “confuses” the sysadmin like @kristian1369
We could leave the feature in the code, making it possible to enable it from the command line, removing only the checkbox from the interface.
What do you think about to set the checkbox as unselected after installation? So the administrator definitely knows about it, if he has activated it. But please don’t change the status of it for already installed versions, or give a hint with a banner after update.
I’m not using proxy/webfilter but agree on not removing this feature as then proxy could be bypassed using ip addresses. I’d keep the checkbox.
Would make any sense to allow local networks IPs but block public IPs?
I agree with this approach: do not remove the option, only change the default inside the UI.
AFAIK is not possible with ufdbguard unless you write down very complex rules. IMHO it doesn’t worth it.
Content filters shouldn’t ever be filtering internal addresses. Usually adds overhead to the content filter that isn’t needed.
I don’t know much about the squid to ufdbguard communication, but would it be possible to just not have squid send over the redirect?
You’re right it’s already implemented like you said, but only for well-kown networks: