Verge of giving up on web filtering

Started by jmf, August 25, 2017, 09:07:45 PM

Long story short, I started on pfSense and after about 50 hours and long nights of transparent mode, non-transparent mode, and countless rebuilds, I just can't get it to work.


So I just built an OPNsense box and have it all set up. With about 10 tabs open right now from the document portal and using this https://docs.opnsense.org/manual/how-tos/proxytransparent.html I thought I had it figured out.

I followed the rule for HTTP and the last part, Enable (NAT + Proxy), was there. I then went back to do the same rule for HTTPS and noticed Enable (NAT + Proxy) was no longer an option. I then deleted the HTTP rule and tried to make both again, and now I can't choose Enable (NAT + Proxy) for HTTP or HTTPS. So as of now porn, gambling and everything is loading up. Would love to finish this nightmare today if possible.

Here are a few logs

1503687481.211 9 192.168.0.228 TCP_MISS/200 3532 GET http://cdn-ssl.vegasworld.com/i/vg/t/logos/vegas/favicon.png? - ORIGINAL_DST/93.184.216.69 image/png
1503687481.117 0 192.168.0.228 TCP_DENIED/403 4212 GET https://www.google-analytics.com/analytics.js - HIER_NONE/- text/html
1503687481.113 0 192.168.0.228 TCP_DENIED/403 4150 GET http://bat.bing.com/bat.js - HIER_NONE/- text/html
1503687481.052 10 192.168.0.228 TCP_MISS/200 21545 GET http://cdn-ssl.vegasworld.com/i/t/flash_prompt/click_allow.png - ORIGINAL_DST/93.184.216.69 image/png
1503687481.011 101 192.168.0.228 TCP_MISS/200 7989 GET http://www.vegasworld.com/fx/enablePlugin.jsp - ORIGINAL_DST/64.85.93.151 text/html



2017/08/25 14:57:43| Error sending to ICMPv6 packet to [2607:f8b0:4008:805::2003]. ERR: (65) No route to host
2017/08/25 14:48:23 kid1| Accepting NAT intercepted SSL bumped HTTPS Socket connections at local=[::1]:3129 remote=[::] FD 55 flags=41
2017/08/25 14:48:23 kid1| Accepting NAT intercepted SSL bumped HTTPS Socket connections at local=127.0.0.1:3129 remote=[::] FD 54 flags=41


Thanks

Hi,

You talk about filtering, but don't say if you added filter lists. It looks like the proxy is working in general (access log lights up), but the direct question you are having with regard to your setup is somewhat elusive. Can you please be more clear?


Cheers,
Franco
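
Added example (not part of either post, and not OPNsense or Squid code): a small Python parser for the Squid native access.log format seen in the lines quoted above, tallying per host whether requests were denied or passed through. The function names are illustrative; the hosts it reports as never denied are the ones to check against whatever filter lists are loaded.

```python
# Added example: tally Squid native-format access.log entries per host.
from collections import defaultdict
from urllib.parse import urlsplit

# The five access.log lines quoted in the first post.
SAMPLE = """\
1503687481.211 9 192.168.0.228 TCP_MISS/200 3532 GET http://cdn-ssl.vegasworld.com/i/vg/t/logos/vegas/favicon.png? - ORIGINAL_DST/93.184.216.69 image/png
1503687481.117 0 192.168.0.228 TCP_DENIED/403 4212 GET https://www.google-analytics.com/analytics.js - HIER_NONE/- text/html
1503687481.113 0 192.168.0.228 TCP_DENIED/403 4150 GET http://bat.bing.com/bat.js - HIER_NONE/- text/html
1503687481.052 10 192.168.0.228 TCP_MISS/200 21545 GET http://cdn-ssl.vegasworld.com/i/t/flash_prompt/click_allow.png - ORIGINAL_DST/93.184.216.69 image/png
1503687481.011 101 192.168.0.228 TCP_MISS/200 7989 GET http://www.vegasworld.com/fx/enablePlugin.jsp - ORIGINAL_DST/64.85.93.151 text/html
"""

def parse_line(line):
    """Return a dict for one native-format line, or None if it is malformed."""
    f = line.split()
    # Fields: time elapsed client code/status bytes method URL ident hier/peer type
    if len(f) < 10 or "/" not in f[3]:
        return None
    result, status = f[3].split("/", 1)
    url = f[6]
    # CONNECT entries log "host:port" instead of a full URL.
    host = (urlsplit(url).hostname or url) if "://" in url else url.rsplit(":", 1)[0]
    return {"client": f[2], "result": result, "status": status,
            "method": f[5], "host": host, "hier": f[8]}

def summarise(text):
    """Map host -> counts of requests Squid denied versus passed on."""
    counts = defaultdict(lambda: {"denied": 0, "passed": 0})
    for line in text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue  # skip blank or truncated lines
        key = "denied" if "DENIED" in entry["result"] else "passed"
        counts[entry["host"]][key] += 1
    return dict(counts)

def passed_hosts(summary):
    """Hosts that were served at least once and never denied."""
    return sorted(h for h, c in summary.items() if c["passed"] and not c["denied"])

if __name__ == "__main__":
    summary = summarise(SAMPLE)
    for host, c in sorted(summary.items()):
        print(f"{host:28} denied={c['denied']} passed={c['passed']}")
    print("never denied:", ", ".join(passed_hosts(summary)))
```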