Webproxy per Interface or Host

Started by moe, December 17, 2022, 03:11:30 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
December 17, 2022, 03:11:30 PM
Hi,
i currently try to establish another layer of security by webproxy filtering.
But on my opnsense installation i have diverend usecases which sites are allowed or not.

Especually my Linux-Servers should get access to *.debian.org, the windows-server should get access to *.microsoft.com

But i didn't found any way to make rules per host or subnet or interface.

Can anybody give me a short advices how to realize that use-case?

I don't want to have an outbound "any" connection from my servers... they should only receiver their repos. And as Benefit a could enable the caching functionality.

thanks for your help!
December 19, 2022, 11:03:51 AM #1 Last Edit: December 19, 2022, 11:10:52 AM by moe
Try to make a custom.conf in the pre-auth folder, but it seems that the wildcard didn't work.

If i use .debian.org i only can access www.debian.org and not more. Whats wrong there?

Also i can't get the UT1 Rules up and Running, looks really buggy (update script).

Code Select
#acls
acl repository dstdomain debian.org

## debian server ##
acl debian src 172.31.152.1


http_access allow debian repository
http_access deny debian all

Thanks for help
Print
Go Up Pages1
User actions