Text only | Text with Images

OPNsense Forum

English Forums => Web Proxy Filtering and Caching => Topic started by: moe on December 17, 2022, 03:11:30 PM

Title: Webproxy per Interface or Host
Post by: moe on December 17, 2022, 03:11:30 PM
Hi,
i currently try to establish another layer of security by webproxy filtering.
But on my opnsense installation i have diverend usecases which sites are allowed or not.

Especually my Linux-Servers should get access to *.debian.org, the windows-server should get access to *.microsoft.com

But i didn't found any way to make rules per host or subnet or interface.

Can anybody give me a short advices how to realize that use-case?

I don't want to have an outbound "any" connection from my servers... they should only receiver their repos. And as Benefit a could enable the caching functionality.

thanks for your help!
Title: Re: Webproxy per Interface or Host
Post by: moe on December 19, 2022, 11:03:51 AM
Try to make a custom.conf in the pre-auth folder, but it seems that the wildcard didn't work.

If i use .debian.org i only can access www.debian.org and not more. Whats wrong there?

Also i can't get the UT1 Rules up and Running, looks really buggy (update script).

Code Select
#acls
acl repository dstdomain debian.org

## debian server ##
acl debian src 172.31.152.1


http_access allow debian repository
http_access deny debian all

Thanks for help
Text only | Text with Images