Topics

1

General Discussion / Verge of giving up on web filtering

« on: August 25, 2017, 09:07:45 pm »

Long story short I started on pfsense and after about 50 hours and long nights of transparent mode, non transparent mode, countless rebuilds I just can't get it to work. 


So I just built a opnsense box and have it all setup.  With about 10 tabs open right now from the document portal and using this https://docs.opnsense.org/manual/how-tos/proxytransparent.html I thought I had it figured it out.

I followed the rule for HTTP and the last part Enable (NAT + Proxy) was there.  I then went back to do the same rule for HTTPS and noticed Enable (NAT + Proxy) was no longer an option.  I then deleted the http rule and tried to make both again and now I can't choose Enable (NAT + Proxy) for http or https.  So as of now porn, gambling  and everything is loading up.  Would love to finish this nightmare today if possible.

Here are a few logs

Code: [Select]

1503687481.211 9 192.168.0.228 TCP_MISS/200 3532 GET http://cdn-ssl.vegasworld.com/i/vg/t/logos/vegas/favicon.png? - ORIGINAL_DST/93.184.216.69 image/png
1503687481.117 0 192.168.0.228 TCP_DENIED/403 4212 GET https://www.google-analytics.com/analytics.js - HIER_NONE/- text/html
1503687481.113 0 192.168.0.228 TCP_DENIED/403 4150 GET http://bat.bing.com/bat.js - HIER_NONE/- text/html
1503687481.052 10 192.168.0.228 TCP_MISS/200 21545 GET http://cdn-ssl.vegasworld.com/i/t/flash_prompt/click_allow.png - ORIGINAL_DST/93.184.216.69 image/png
1503687481.011 101 192.168.0.228 TCP_MISS/200 7989 GET http://www.vegasworld.com/fx/enablePlugin.jsp - ORIGINAL_DST/64.85.93.151 text/html



2017/08/25 14:57:43| Error sending to ICMPv6 packet to [2607:f8b0:4008:805::2003]. ERR: (65) No route to host
2017/08/25 14:48:23 kid1| Accepting NAT intercepted SSL bumped HTTPS Socket connections at local=[::1]:3129 remote=[::] FD 55 flags=41
2017/08/25 14:48:23 kid1| Accepting NAT intercepted SSL bumped HTTPS Socket connections at local=127.0.0.1:3129 remote=[::] FD 54 flags=41

Thanks