Proxy: block ports 80 (http) and 443 (https)
When web proxy (Squid) is configured in transparent mode, the GUI should display an option to block http and https port.
Add a new
PortBlock property to
enabled, apply following rule:
REJECT loc net tcp 80,443
The rule should be valid also for orange, blue and vpn zones.
#5 Updated by Giacomo Sanchietti over 6 years ago
- Status changed from MODIFIED to ON_QA
- Assignee deleted (
- % Done changed from 60 to 70
- Configure the proxy in manual mode
- Enable the port block
- Check the client can't open web pages without proxy
- Check the client can open web pages when the proxy is configured inside the browser
#6 Updated by Filippo Carletti about 6 years ago
- Status changed from ON_QA to VERIFIED
- % Done changed from 70 to 90
Enabling port block on server-manager adds a reject rule in the loc2net chain:
0 0 reject tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 80,443
Trying to browse the web the connection is closed immediately.
Configuring the proxy in the browser enables navigation.