Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Searching: Block LAN to unresolved IP (non-sni) Internet address
« previous
next »
Print
Pages: [
1
]
Author
Topic: Searching: Block LAN to unresolved IP (non-sni) Internet address (Read 1472 times)
errored out
Full Member
Posts: 171
Karma: 3
Searching: Block LAN to unresolved IP (non-sni) Internet address
«
on:
September 12, 2020, 02:11:04 am »
I am looking for a method of blocking internal traffic from accessing
any
external (routable / Internet) IP address which have not been resolved / "naked" (non-sni) by dns.
Ex. Right now, my computer inside my network is able to traverse opnsense and access any site (https) by domain name or IP. For instance
https://opnsense.org
or by
https://81.171.2.181
.
I am looking to allow my computer to still be able to access
https://opnsense.org;
however,
not be able to access
https://81.171.2.181
(or any routable ip address).
I am aware I can block specific IPs. However, that would block access to the hosts I'm trying to access. And it would not be realistic to individually block all external hosts by their IP address.
Simply put, looking to block "how" a computer connects to a external host, not block access to an external host.
I am assuming what is needed is squid or nginx, but have not found the answer yet.
Which one is needed if any?
What options or configurations should I look into?
Thank you
Logged
errored out
Full Member
Posts: 171
Karma: 3
Re: Searching: Block LAN to unresolved IP (non-sni) Internet address
«
Reply #1 on:
September 16, 2020, 12:33:44 am »
Anyone?
Logged
errored out
Full Member
Posts: 171
Karma: 3
Re: Searching: Block LAN to unresolved IP (non-sni) Internet address
«
Reply #2 on:
September 28, 2020, 12:22:12 am »
?
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Searching: Block LAN to unresolved IP (non-sni) Internet address