Astaro User Bulletin Board
Go Back   Astaro User Bulletin Board > Astaro Gateway Products > Network Security: Firewall, NAT, QoS, IPS and more
Reload this Page how to block/pass some ports on transparent
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Welcome to the Astaro User Bulletin Board.
If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 09-27-2007, 08:06 PM
Junior Member
  
Join Date: Nov 2005
Posts: 20
Default how to block/pass some ports on transparent
hello,
could you advice me how to block/pass some ports on transparent mode? i.e. i want to pass 443 port only for some urls, and block other 443 urls.
Reply With Quote
  #2 (permalink)  
Old 09-27-2007, 10:53 PM
Cath's Avatar
Senior Member
  
Join Date: Nov 2005
Location: Canada
Posts: 153
Default
In transparent mode for http you won't be able to block anything with the http proxy other than regular http sites.

For https you can set packetfilter rules for websites you wish to access.

Create a DNS host definition for the website and you will likely want to create a website_allowed network group for the objects.

Packet filter rule:
Source; internal(network) Service: HTTPS Destination: Website_allowed Action: allow

Then create a drop rule
Source: internal(network) Service: HTTPS Destination: Any Action: Drop
__________________
ASG 120 - 7.403
Beta 7.460
Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


All times are GMT. The time now is 03:09 AM.

 
Contact Us - Astaro User Bulletin Board - Archive - Top

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.


These pages are specifically maintained for the discussion of firewall issues within the Open Source community, and might already reflect new alpha/beta releases under development. Please refer to our product specifications for the functionality of the actual release. Discussions of new/enhanced functionality does not constitute a commitment of Astaro, to integrate this functionality into future releases. issues within the Open Source community, and might already reflect new alpha/beta releases under development. Please refer to our product specifications for the functionality of the actual release. Discussions of new/enhanced functionality does not constitute a commitment of Astaro, to integrate this functionality into future releases.