Prev: enquiry
Next: Creak Firewall
From: Newman on 10 May 2010 13:46
I have just installed IPCop, along with the Advanced Proxy, and
URLFilter.

I can't seem to get the Blacklist to work on the URLFilter.

If I put an IP address in as "banned", it blocks all access. If I then
remove it, access returns.

So, I know the URLFilter add-on is in fact working, but I tried a
simple test. I added "www.facebook.com" to the blocked URL list on the
Blacklist.

This does *not* block the access from computers behind the IPCop box.

I am a total noob on both Linux, and on IPCop, so any and all help
would be greatly appreciated!

Thanks
From: Newman on 11 May 2010 10:37
On Mon, 10 May 2010 10:46:16 -0700, Newman <cloakedrun2001(a)yahoo.ca>
wrote:

>I have just installed IPCop, along with the Advanced Proxy, and
>URLFilter.
>
>I can't seem to get the Blacklist to work on the URLFilter.
>
>If I put an IP address in as "banned", it blocks all access. If I then
>remove it, access returns.
>
>So, I know the URLFilter add-on is in fact working, but I tried a
>simple test. I added "www.facebook.com" to the blocked URL list on the
>Blacklist.
>
>This does *not* block the access from computers behind the IPCop box.
>
>I am a total noob on both Linux, and on IPCop, so any and all help
>would be greatly appreciated!
>
>Thanks

Problem solved! What I discovered though was this:

The Scheduler in Advanced Proxy, by default, allows access from Monday
to Sunday from 0:00 to 24:00. But that feature is no where near
granular enough to be useful.

So I turned my attentiuon to the Time Based Access control feature of
the URLFilter. The blacklist would *not* work unless I put in a time
based access rule to "Block" "custom- blocked" items. However, as soon
as I did, I could not get "proxy" access through IPCop.

After some consideration, what I did was add a Monday to Sunday, 0:00
to 24:00 rule to allow "proxy" for the entire sub-net.

As soon as *that* rule took effect, *then* the URLFilter worked as
expected!

I just presumed that overall access was allowed by default - which it
appeared to be! (decades of using Microsoft products... ;). But it
seems that as soon as a restrictive rule is added to the "time
restrictions", there is no such presumption of *any* access. Once such
access is explicitly defined, then all apprears to work as expected.

Once you understand this, then it is actually quite powerful because
there is no unknown or hard-coded defaults - you really do have *full*
control and can set things up *your* way (as opposed to "bill's"
way!).

I don't recall reading that in the documentation. Perhaps I missed it.


 | 
Pages: 1
Prev: enquiry
Next: Creak Firewall