web filtering

[cnicules]

Hello,
i want to filter specific websites only to some IPs. for ex: youtube,facebook ....

i tryed with web proxy and firewall rules + alias fqdn.
i can not make it work.

it's supposed to work?

Cheers,

Ciprian

[cnicules]

hmm got bitten by nat order :)
nat is first, then filtering.
so my solution is a mix of firewall filter by fqdn and transparent web proxy (to have a way to collect the fqdn's).

- the web proxy is normal, no blacklist
- create one alias with the fqdn i need to block
- the nat rule for transparent proxy, is changed to do nat to all traffic except destination to my alias
- then the filter rule drop the traffic toward my alias
- and offcourse the nat can be done also by source IP

now kids have no escape :) mhuhahahaha mwuhahahaha

Cheers,