Só uso pfsense como proxy, não uso como firewall. Em 22 de setembro de 2012 10:49, Fernando Henrique Neves < [email protected]> escreveu:
> Com esse link ja resolve e cria uma regra em LAN bloqueando o acesso para > o alias > > http://nextsense.com.br/blog/archives/402 > > > 2012/9/20 Paulo Henrique - BSDs Brasil <[email protected]> > >> Com proxy configurado no navegador o Squid consegue expecionar trafego >> https ( man-in-the-middle ) ai consegue analisar a url. >> Com proxy transparente trafego cryptografado. >> Por isso que é impossivel* tal analise. >> Att. Paulo Henrique. >> Em 20/09/2012 17:32, cesar castro escreveu: >> >> Não entendi essa parte: >> HTTPs sem configuração de servidor proxy direto no navegador não >> funciona >> >> Em 20 de setembro de 2012 17:29, mantunes >> <[email protected]>escreveu: >> >>> impossivel via proxy transparente. >>> >>> Em 20 de setembro de 2012 17:15, cesar castro <[email protected]> >>> escreveu: >>> > Vc quer dizer com proxy transparente? >>> > >>> > >>> > Em 20 de setembro de 2012 17:12, Paulo Henrique - BSD >>> > <[email protected]> escreveu: >>> > >>> >> Em 20/09/2012 17:04, cesar castro escreveu: >>> >> >>> >> Se você criar uma groupacl e marcar a opção : >>> >> Not to allow IP addresses in URL >>> >> Criar uma categoria e adicionar em expressions facebook não resolve? >>> >> >>> >> Em 20 de setembro de 2012 16:56, Paulo Henrique - BSD >>> >> <[email protected]> escreveu: >>> >>> >>> >>> Para eliminar o facebook definitivamente da rede, faça o seguinte: >>> >>> >>> >>> Intale o pfblocker ( contribuição de um dos companheiros da >>> comunidade >>> >>> PFSense-BR ) >>> >>> Cria a lista com opção de "Deny Both" >>> >>> >>> >>> E coloque os seguintes endereços na lista. >>> >>> >>> >>> 204.15.20.0/22 >>> >>> 69.63.176.0/20 >>> >>> 66.220.144.0/19 >>> >>> 69.63.184.0/21 >>> >>> 69.63.176.0/21 >>> >>> 74.119.76.0/22 >>> >>> 69.171.255.0/24 >>> >>> 173.252.64.0/18 >>> >>> 69.171.224.0/19 >>> >>> 103.4.96.0/22 >>> >>> 69.63.176.0/24 >>> >>> 173.252.64.0/19 >>> >>> 173.252.70.0/24 >>> >>> 31.13.64.0/18 >>> >>> 31.13.24.0/21 >>> >>> 66.220.152.0/21 >>> >>> 66.220.159.0/24 >>> >>> 69.171.239.0/24 >>> >>> 69.171.240.0/20 >>> >>> 31.13.64.0/19 >>> >>> 31.13.64.0/24 >>> >>> 31.13.65.0/24 >>> >>> 31.13.67.0/24 >>> >>> 31.13.68.0/24 >>> >>> 31.13.69.0/24 >>> >>> 31.13.70.0/24 >>> >>> 31.13.71.0/24 >>> >>> 31.13.72.0/24 >>> >>> 31.13.73.0/24 >>> >>> 31.13.74.0/24 >>> >>> 31.13.75.0/24 >>> >>> 31.13.76.0/24 >>> >>> 31.13.77.0/24 >>> >>> 31.13.96.0/19 >>> >>> 31.13.66.0/24 >>> >>> 173.252.96.0/19 >>> >>> 69.63.178.0/24 >>> >>> 31.13.78.0/24 >>> >>> 31.13.79.0/24 >>> >>> 31.13.80.0/24 >>> >>> 31.13.82.0/24 >>> >>> 31.13.83.0/24 >>> >>> 31.13.84.0/24 >>> >>> 31.13.85.0/24 >>> >>> 31.13.86.0/24 >>> >>> 31.13.87.0/24 >>> >>> 31.13.88.0/24 >>> >>> 31.13.89.0/24 >>> >>> 31.13.90.0/24 >>> >>> 31.13.91.0/24 >>> >>> 31.13.92.0/24 >>> >>> 31.13.93.0/24 >>> >>> 31.13.94.0/24 >>> >>> 31.13.95.0/24 >>> >>> 204.15.20.0/22 >>> >>> 69.63.176.0/20 >>> >>> 69.63.176.0/21 >>> >>> 69.63.184.0/21 >>> >>> 66.220.144.0/20 >>> >>> 69.63.176.0/20 >>> >>> 66.220.0.0/16 >>> >>> 66.220.144.0/20 >>> >>> 69.63.0.0/16 >>> >>> 69.171.0.0/16 >>> >>> 173.252.0.0/16 >>> >>> 204.15.16.0/20 >>> >>> 173.252.64.0/18 >>> >>> >>> >>> >>> >>> Retirei ela fazendo consulta do AS do facebook . >>> >>> Acabou meus problemas. >>> >>> >>> >>> Att. Paulo Henrique... >>> >>> >>> >>> Em 20/09/2012 16:46, Cleuson Alves escreveu: >>> >>> >>> >>> Olá pessoal, como cadastro no alias que criei estes endereços para >>> >>> bloquear o facebook no pfsense. >>> >>> Segue o site de onde tirei estas informações: >>> >>> http://bgp.he.net/search?search[search]=facebook&commit=Search >>> >>> >>> >>> >>> >>> 2620:0000:1c00::/40 >>> >>> 2620:0000:1cff::/48 >>> >>> 2a03:2880::/32 >>> >>> >>> >>> Obrigado. >>> >>> -- >>> >>> Cleuson de Oliveira Alves >>> >>> Rio de Janeiro - RJ >>> >>> >>> >>> >>> >>> >>> >>> _______________________________________________ >>> >>> Pfsense-pt mailing list >>> >>> [email protected] >>> >>> http://lists.pfsense.org/mailman/listinfo/pfsense-pt >>> >>> >>> >>> >>> >>> >>> >>> -- >>> >>> Paulo Henrique >>> >>> BSD Brasil >>> >>> Fone: (21) 9683-5433 <%2821%29%209683-5433> >>> >>> Genuine user Unix/BSD :D >>> >>> >>> >>> >>> >>> _______________________________________________ >>> >>> Pfsense-pt mailing list >>> >>> [email protected] >>> >>> http://lists.pfsense.org/mailman/listinfo/pfsense-pt >>> >>> >>> >> >>> >> >>> >> >>> >> _______________________________________________ >>> >> Pfsense-pt mailing list >>> >> [email protected] >>> >> http://lists.pfsense.org/mailman/listinfo/pfsense-pt >>> >> >>> >> Infelizmente não, pois o squid/squidguard so analisa url no qual ele >>> >> consegue ler, o que em acesso HTTPs sem configuração de servidor proxy >>> >> direto no navegador não funciona. >>> >> O mesmo vale para o resto de aplicações distribuidas sobre https. >>> >> >>> >> Att. >>> >> >>> >> -- >>> >> Paulo Henrique >>> >> BSD Brasil >>> >> Fone: (21) 9683-5433 <%2821%29%209683-5433> >>> >> Genuine user Unix/BSD :D >>> >> >>> >> >>> >> _______________________________________________ >>> >> Pfsense-pt mailing list >>> >> [email protected] >>> >> http://lists.pfsense.org/mailman/listinfo/pfsense-pt >>> >> >>> > >>> > >>> > _______________________________________________ >>> > Pfsense-pt mailing list >>> > [email protected] >>> > http://lists.pfsense.org/mailman/listinfo/pfsense-pt >>> > >>> >>> >>> >>> -- >>> Marcio Antunes >>> Powered by FreeBSD >>> ================================== >>> * Windows: "Where do you want to go tomorrow?" >>> * Linux: "Where do you want to go today?" >>> * FreeBSD: "Are you, guys, comming or what?" >>> _______________________________________________ >>> Pfsense-pt mailing list >>> [email protected] >>> http://lists.pfsense.org/mailman/listinfo/pfsense-pt >>> >> >> >> >> _______________________________________________ >> Pfsense-pt mailing >> [email protected]http://lists.pfsense.org/mailman/listinfo/pfsense-pt >> >> >> >> -- >> Paulo Henrique. >> BSDs Brasil - FUG-BR >> site: www.fug.com.br >> >> Rip Irado !!! >> flamers > /dev/null >> >> >> >> _______________________________________________ >> Pfsense-pt mailing list >> [email protected] >> http://lists.pfsense.org/mailman/listinfo/pfsense-pt >> >> > > _______________________________________________ > Pfsense-pt mailing list > [email protected] > http://lists.pfsense.org/mailman/listinfo/pfsense-pt > >
_______________________________________________ Pfsense-pt mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/pfsense-pt
