Re: Block some users with Bind9

2012-07-28 Thread Eliezer Croitoru
On 7/26/2012 2:22 AM, Emiliano Vazquez wrote: i suggest for you to first implement the basic allow\deny acls in squid for the intercepted traffic and later see what is the effect. Regards, Eliezer At the moment if i send 443tcp traffic to squid i got an "unknow request" on access.log. the b

Re: Block some users with Bind9

2012-07-27 Thread Michael Hoskins (michoski)
-Original Message- From: Emiliano Vazquez Organization: PcCentro Informatica & CCTV Date: Thursday, July 26, 2012 7:28 PM Cc: "bind-users@lists.isc.org" Subject: Re: Block some users with Bind9 >I was reading about rpz zones but i understand what i need to do. >I

Re: Block some users with Bind9

2012-07-26 Thread Emiliano Vazquez
On 24/07/12 22:38, Michael Hoskins (michoski) wrote: I would try using RPZ with a combination of views and match-clients. http://jpmens.net/2011/04/26/how-to-configure-your-bind-resolvers-to-lie-using-response-policy-zones-rpz/ Hi Michael. I was reading about rpz zones but i understand wh

Re: Block some users with Bind9

2012-07-25 Thread Emiliano Vazquez
block udp dst port 53 is good but you must take into account that maybe some of your services\servers need this access for whatever reason there is. That's true. if you are using squid in transparent mode it's good enough for basic http blocking. to block HTTPS you will need to force your us

Re: Block some users with Bind9

2012-07-25 Thread Eliezer Croitoru
On 7/25/2012 3:26 PM, Emiliano Vazquez wrote: well on a dns level will be nice to block it but if the user will have access to some dns anywhere in the world in any way he can just use some basic browser tricks to make this dns setup stupid. i think it's better to use a proxy\fw to block these s

Re: Block some users with Bind9

2012-07-25 Thread Emiliano Vazquez
well on a dns level will be nice to block it but if the user will have access to some dns anywhere in the world in any way he can just use some basic browser tricks to make this dns setup stupid. i think it's better to use a proxy\fw to block these sites. you can use let say squid and use some ni

Re: Block some users with Bind9

2012-07-25 Thread Emiliano Vazquez
On 24/07/12 22:38, Michael Hoskins (michoski) wrote: I would try using RPZ with a combination of views and match-clients. http://jpmens.net/2011/04/26/how-to-configure-your-bind-resolvers-to-lie-using-response-policy-zones-rpz/ Thanks for the link! i will read and post the results. Best

Re: Block some users with Bind9

2012-07-25 Thread Eliezer Croitoru
On 7/24/2012 8:32 PM, Emiliano Vazquez wrote: Hi to everyone! I'm stuck with this! I need to do the following but i did not find the real solution. My problem: I need to block some IPs from the LAN to specific places, like "Facebook.com" I do this with Squid but https transport is encrypted a

Re: Block some users with Bind9

2012-07-24 Thread Michael Hoskins (michoski)
y 24, 2012 10:32 AM To: "bind-users@lists.isc.org" Subject: Block some users with Bind9 >Hi to everyone! >I'm stuck with this! > >I need to do the following but i did not find the real solution. > >My problem: > >I need to block some IPs from the LAN to specifi

Block some users with Bind9

2012-07-24 Thread Emiliano Vazquez
Hi to everyone! I'm stuck with this! I need to do the following but i did not find the real solution. My problem: I need to block some IPs from the LAN to specific places, like "Facebook.com" I do this with Squid but https transport is encrypted and never goes to Squid. There are some news