URL filtering on EdgeRouter
-
I have a network where I only want the computers to be able to get out to Windows updates and their AV software. Both of those things work on URLs and not IPs. Is the correct way to go about this command line on the ER with some commands like:
url-filtering { squidguard { redirect-url http://google.com rule 10 { local-allow windowsupdate.microsoft.com local-allow *.windowsupdate.microsoft.com local-allow *.update.microsoft.com local-allow *.windowsupdate.com local-allow download.windowsupdate.com local-allow download.microsoft.com local-allow *.download.windowsupdate.com local-allow test.stats.update.microsoft.com local-allow ntservicepack.microsoft.com source-group LAN-desktops } source-group LAN-desktops { address 192.168.10.2-192.168.10.254 }Is there a better way to go about this?
-
You could do it through DNS filtering as well. But Squidguard should do what you want.
-
Well the correct way is not to try to shoehorn this into your edge router but if the site is small enough yes you can add the packages and do it this way
-
Does Squidguard block https sites now? I used to have it setup on our pfSense firewall but it didn't block https back when we used it.
-
@romo said in URL filtering on EdgeRouter:
Does Squidguard block https sites now? I used to have it setup on our pfSense firewall but it didn't block https back when we used it.
Squid Proxy needs to be set up for it for SquidGuard to block https sites.
Screenshot from pfSense using Squid 3 package
-
@black3dynamite But is it still doing a MITM to block it or is it doing it some other way?
-
@jaredbusch said in URL filtering on EdgeRouter:
Well the correct way is not to try to shoehorn this into your edge router but if the site is small enough yes you can add the packages and do it this way
This would be for 4 computers and a server. Since the users won't be able to get on the internet and it's only windows updates and AV updates that will generate traffic, I think they will be OK.
Have you used this in a typical office environment? Where would you draw the line in terms of number of users/number of rules? I've never used the ER to filter on domains before.
