Url-Guarding Issue
Posted: 11 May 2017 12:10
Hi David,
I implemented our cacheguard appliance as a non transparent proxy.
The http and https traffic from our clients flows over the cacheguard --> works fine!
I activated the automatic download of the blacklists from your ftp Server --> works fine!
Autoupdate works fine too:
2017/05/11-03:28:03 Begining the URL list update
2017/05/11-03:28:03 Loading Advert domains contents
2017/05/11-03:28:06 Loading Advert urls contents
2017/05/11-03:28:06 Loading Chat domains contents
2017/05/11-03:28:10 Loading Chat urls contents
2017/05/11-03:28:10 Loading Dating domains contents
2017/05/11-03:28:13 Loading Dating urls contents
2017/05/11-03:28:13 Loading Drugs domains contents
2017/05/11-03:28:16 Loading Drugs urls contents
2017/05/11-03:28:16 Loading Porn domains contents
2017/05/11-03:28:19 Loading Porn urls contents
2017/05/11-03:28:19 Loading Redirector domains contents
2017/05/11-03:28:23 Loading Redirector urls contents
2017/05/11-03:28:23 Loading SpyWare domains contents
2017/05/11-03:28:26 Loading SpyWare urls contents
2017/05/11-03:28:26 Loading Violence domains contents
2017/05/11-03:28:29 Loading Violence urls contents
2017/05/11-03:28:29 Updating (1) the 'Advert(domains)' list
2017/05/11-03:28:29 Updating (1) the 'Advert(urls)' list
2017/05/11-03:28:29 Updating (1) the 'Chat(domains)' list
2017/05/11-03:28:29 Updating (1) the 'Chat(urls)' list
2017/05/11-03:28:29 Updating (1) the 'Dating(domains)' list
2017/05/11-03:28:29 Updating (1) the 'Dating(urls)' list
2017/05/11-03:28:29 Updating (1) the 'Drugs(domains)' list
2017/05/11-03:28:29 Updating (1) the 'Drugs(urls)' list
2017/05/11-03:28:29 Updating (1) the 'Porn(domains)' list
2017/05/11-03:28:29 Updating (1) the 'Porn(urls)' list
2017/05/11-03:28:29 Updating (1) the 'Redirector(domains)' list
2017/05/11-03:28:29 Updating (1) the 'Redirector(urls)' list
2017/05/11-03:28:29 Updating (1) the 'SpyWare(domains)' list
2017/05/11-03:28:29 Updating (1) the 'SpyWare(urls)' list
2017/05/11-03:28:29 Updating (1) the 'Violence(domains)' list
2017/05/11-03:28:29 Updating (1) the 'Violence(urls)' list
2017/05/11-03:28:30 Refreshing the URL Guard
2017/05/11-03:28:30 Ending the URL list update
Then I created the guard filter for the IP range and after this step I created the guard policy only with the IP filter.
Finally I definded the guard rule.
But Cacheguard wont block the traffic to the blacklisted URLs/Domains for example youporn.com
Here are the Output from console which mybe helpful:
login as: admin
Welcome to the CacheGuard Web Gateway
Management URL: https://xxxx:8090 from allowed networks
Copyrights (C) 2002-2016 CacheGuard - All rights reserved
admin@xxx.xxx.xxx.xxx's password:
Access denied
admin@xxx.xxx.xxx.xxx's password:
admin@cacheguard> mode guard
mode guard on
admin@cacheguard> mode transparent
mode tweb on
admin@cacheguard> mode sslmediate
mode sslmediate off
admin@cacheguard> urllist
urllist Advert
Chat
Dating
Drugs
Porn
Redirector
SpyWare
Violence
admin@cacheguard> guard filter
guard filter ip FilterExtWlanRange network 172.x.x.x/255.255.0.0
guard filter time <null>
guard filter ldap <null>
admin@cacheguard> guard policy
guard policy myNAVAXExtWlanPolicy: ip FilterExtWlanRange
admin@cacheguard> guard rule
guard rule default deny: Porn
myNAVAXExtWlanPolicy deny: Porn
Advert
Violence
SpyWare
Redirector
Drugs
Dating
Chat
admin@cacheguard>
What I did wrong ?
Kindly regards,
michael
I implemented our cacheguard appliance as a non transparent proxy.
The http and https traffic from our clients flows over the cacheguard --> works fine!
I activated the automatic download of the blacklists from your ftp Server --> works fine!
Autoupdate works fine too:
2017/05/11-03:28:03 Begining the URL list update
2017/05/11-03:28:03 Loading Advert domains contents
2017/05/11-03:28:06 Loading Advert urls contents
2017/05/11-03:28:06 Loading Chat domains contents
2017/05/11-03:28:10 Loading Chat urls contents
2017/05/11-03:28:10 Loading Dating domains contents
2017/05/11-03:28:13 Loading Dating urls contents
2017/05/11-03:28:13 Loading Drugs domains contents
2017/05/11-03:28:16 Loading Drugs urls contents
2017/05/11-03:28:16 Loading Porn domains contents
2017/05/11-03:28:19 Loading Porn urls contents
2017/05/11-03:28:19 Loading Redirector domains contents
2017/05/11-03:28:23 Loading Redirector urls contents
2017/05/11-03:28:23 Loading SpyWare domains contents
2017/05/11-03:28:26 Loading SpyWare urls contents
2017/05/11-03:28:26 Loading Violence domains contents
2017/05/11-03:28:29 Loading Violence urls contents
2017/05/11-03:28:29 Updating (1) the 'Advert(domains)' list
2017/05/11-03:28:29 Updating (1) the 'Advert(urls)' list
2017/05/11-03:28:29 Updating (1) the 'Chat(domains)' list
2017/05/11-03:28:29 Updating (1) the 'Chat(urls)' list
2017/05/11-03:28:29 Updating (1) the 'Dating(domains)' list
2017/05/11-03:28:29 Updating (1) the 'Dating(urls)' list
2017/05/11-03:28:29 Updating (1) the 'Drugs(domains)' list
2017/05/11-03:28:29 Updating (1) the 'Drugs(urls)' list
2017/05/11-03:28:29 Updating (1) the 'Porn(domains)' list
2017/05/11-03:28:29 Updating (1) the 'Porn(urls)' list
2017/05/11-03:28:29 Updating (1) the 'Redirector(domains)' list
2017/05/11-03:28:29 Updating (1) the 'Redirector(urls)' list
2017/05/11-03:28:29 Updating (1) the 'SpyWare(domains)' list
2017/05/11-03:28:29 Updating (1) the 'SpyWare(urls)' list
2017/05/11-03:28:29 Updating (1) the 'Violence(domains)' list
2017/05/11-03:28:29 Updating (1) the 'Violence(urls)' list
2017/05/11-03:28:30 Refreshing the URL Guard
2017/05/11-03:28:30 Ending the URL list update
Then I created the guard filter for the IP range and after this step I created the guard policy only with the IP filter.
Finally I definded the guard rule.
But Cacheguard wont block the traffic to the blacklisted URLs/Domains for example youporn.com
Here are the Output from console which mybe helpful:
login as: admin
Welcome to the CacheGuard Web Gateway
Management URL: https://xxxx:8090 from allowed networks
Copyrights (C) 2002-2016 CacheGuard - All rights reserved
admin@xxx.xxx.xxx.xxx's password:
Access denied
admin@xxx.xxx.xxx.xxx's password:
admin@cacheguard> mode guard
mode guard on
admin@cacheguard> mode transparent
mode tweb on
admin@cacheguard> mode sslmediate
mode sslmediate off
admin@cacheguard> urllist
urllist Advert
Chat
Dating
Drugs
Porn
Redirector
SpyWare
Violence
admin@cacheguard> guard filter
guard filter ip FilterExtWlanRange network 172.x.x.x/255.255.0.0
guard filter time <null>
guard filter ldap <null>
admin@cacheguard> guard policy
guard policy myNAVAXExtWlanPolicy: ip FilterExtWlanRange
admin@cacheguard> guard rule
guard rule default deny: Porn
myNAVAXExtWlanPolicy deny: Porn
Advert
Violence
SpyWare
Redirector
Drugs
Dating
Chat
admin@cacheguard>
What I did wrong ?
Kindly regards,
michael