Bug #3268

Web Proxy http port block

Added by Filippo Carletti almost 6 years ago. Updated almost 6 years ago.

Status:CLOSEDStart date:
Priority:NormalDue date:
Assignee:-% Done:

100%

Category:nethserver-squid
Target version:v6.7-final
Security class:low Resolution:
Affected version:v6.6 NEEDINFO:No

Description

The web proxy can be enabled only on green or blue interfaces, but the port blocking options affects also orange.
If the proxy can't run on orange, why should it block orange traffic?

Link to the discussion in the community:
http://community.nethserver.org/t/block-http-and-https-ports-applies-to-dmz-by-design/1658/12

Associated revisions

Revision 4f3e6a1c
Added by Giovanni Bezicheri almost 6 years ago

Avoid to block HTTP and HTTPS port for orange. Refs #3268

History

#1 Updated by Filippo Carletti almost 6 years ago

  • Target version set to v6.7

#2 Updated by Giovanni Bezicheri almost 6 years ago

  • Assignee set to Giovanni Bezicheri

#3 Updated by Giovanni Bezicheri almost 6 years ago

  • Status changed from NEW to TRIAGED
  • % Done changed from 0 to 20
  • Security class set to low

#4 Updated by Giovanni Bezicheri almost 6 years ago

  • Description updated (diff)

#5 Updated by Giovanni Bezicheri almost 6 years ago

  • Status changed from TRIAGED to MODIFIED
  • % Done changed from 20 to 60

#6 Updated by Giovanni Bezicheri almost 6 years ago

  • Status changed from MODIFIED to ON_QA
  • Assignee deleted (Giovanni Bezicheri)
  • % Done changed from 60 to 70
Package in nethserver-testing:
  • nethserver-squid-1.3.8-1.1.g4f3e6a1.ns6.noarch.rpm

Check the bug is not reproducible.

#7 Updated by Adam P almost 6 years ago

  • Assignee set to Adam P

#8 Updated by Adam P almost 6 years ago

  • Status changed from ON_QA to VERIFIED
  • Assignee deleted (Adam P)
  • % Done changed from 70 to 90

System and Package Version installed
ESXi 5.1 - Nethserver 6.6 fully updated
Package Installed: nethserver-squid-1.3.7-1.ns6.noarch.rpm
Other Packages installed: Basic firewall, DNS and DHCP server, Web filter, Web proxy

Test Original Problem
Enabled web filter, proxy server, and blocking of ports 80 and 443.
Bug confirmed, dns resolves and can communicate with internet but ports 80 & 443 blocked

Install Updated Package
yum --enablerepo=nethserver-testing upgrade nethserver-squid

Test Results after install
Test case 1:
Desktops in DMZ with static IP able to browse internet
Ok on Ubuntu/Windows7 - both able to browse internet

Test case 2:
Set PCs in green zone to no proxy to make sure ports were still blocked there
Ok on Ubuntu/Windows7

Verified or Reopen
Verified

#9 Updated by Giacomo Sanchietti almost 6 years ago

  • Status changed from VERIFIED to CLOSED
  • % Done changed from 90 to 100
Released in nethserver-base:
  • nethserver-squid-1.3.9-1.ns6.noarch.rpm

#10 Updated by Giacomo Sanchietti almost 6 years ago

  • Target version changed from v6.7 to v6.7-final

Also available in: Atom PDF