OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • English Forums »
  • General Discussion »
  • Verge of giving up on web filtering
« previous next »
  • Print
Pages: [1]

Author Topic: Verge of giving up on web filtering  (Read 2819 times)

jmf

  • Newbie
  • *
  • Posts: 1
  • Karma: 0
    • View Profile
Verge of giving up on web filtering
« on: August 25, 2017, 09:07:45 pm »
Long story short I started on pfsense and after about 50 hours and long nights of transparent mode, non transparent mode, countless rebuilds I just can't get it to work. 


So I just built a opnsense box and have it all setup.  With about 10 tabs open right now from the document portal and using this https://docs.opnsense.org/manual/how-tos/proxytransparent.html I thought I had it figured it out.

I followed the rule for HTTP and the last part Enable (NAT + Proxy) was there.  I then went back to do the same rule for HTTPS and noticed Enable (NAT + Proxy) was no longer an option.  I then deleted the http rule and tried to make both again and now I can't choose Enable (NAT + Proxy) for http or https.  So as of now porn, gambling  and everything is loading up.  Would love to finish this nightmare today if possible.

Here are a few logs

Code: [Select]
1503687481.211 9 192.168.0.228 TCP_MISS/200 3532 GET http://cdn-ssl.vegasworld.com/i/vg/t/logos/vegas/favicon.png? - ORIGINAL_DST/93.184.216.69 image/png
1503687481.117 0 192.168.0.228 TCP_DENIED/403 4212 GET https://www.google-analytics.com/analytics.js - HIER_NONE/- text/html
1503687481.113 0 192.168.0.228 TCP_DENIED/403 4150 GET http://bat.bing.com/bat.js - HIER_NONE/- text/html
1503687481.052 10 192.168.0.228 TCP_MISS/200 21545 GET http://cdn-ssl.vegasworld.com/i/t/flash_prompt/click_allow.png - ORIGINAL_DST/93.184.216.69 image/png
1503687481.011 101 192.168.0.228 TCP_MISS/200 7989 GET http://www.vegasworld.com/fx/enablePlugin.jsp - ORIGINAL_DST/64.85.93.151 text/html



2017/08/25 14:57:43| Error sending to ICMPv6 packet to [2607:f8b0:4008:805::2003]. ERR: (65) No route to host
2017/08/25 14:48:23 kid1| Accepting NAT intercepted SSL bumped HTTPS Socket connections at local=[::1]:3129 remote=[::] FD 55 flags=41
2017/08/25 14:48:23 kid1| Accepting NAT intercepted SSL bumped HTTPS Socket connections at local=127.0.0.1:3129 remote=[::] FD 54 flags=41

Thanks
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 17661
  • Karma: 1611
    • View Profile
Re: Verge of giving up on web filtering
« Reply #1 on: August 26, 2017, 08:12:24 pm »
Hi,

You talk about filtering, but don't say if you added filter lists. It looks like the proxy is working in general (access log lights up), but the direct question you are having with regard to your setup is somewhat elusive. Can you please be more clear?


Cheers,
Franco
Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • English Forums »
  • General Discussion »
  • Verge of giving up on web filtering
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2