Hi There,
since the first installations, we put the following content filter rules on most of our customers router
36 ;;; Facebook
chain=restricted action=reject reject-with=icmp-host-prohibited protocol=tcp
out-interface=ether1 dst-port=80 content=facebook.com
time=9h-17h,mon,tue,wed,thu,fri,sat37 ;;; Twitter
chain=restricted action=reject reject-with=icmp-host-prohibited protocol=tcp
out-interface=ether1 dst-port=80 content=twitter.com time=9h-17h,mon,tue,wed,thu,fri,sat38 X ;;; YouTube
chain=restricted action=reject reject-with=icmp-host-prohibited protocol=tcp
out-interface=ether1 dst-port=80 content=youtube.com time=9h-17h,mon,tue,wed,thu,fri,sat39 ;;; Jump to restricted chain
chain=forward action=jump jump-target=restricted
But since the proxy enable, all the above rules got ignored. The proxy rules put are as follows :
ip proxy pr
enabled: yes
src-address: 0.0.0.0
port: 8080
parent-proxy: 0.0.0.0
parent-proxy-port: 0
cache-administrator: “webmaster”
max-cache-size: unlimited
cache-on-disk: no
max-client-connections: 600
max-server-connections: 600
max-fresh-time: 1d
serialize-connections: no
always-from-cache: no
cache-hit-dscp: 4
cache-drive: systemip fi na pr
Flags: X - disabled, I - invalid, D - dynamic
0 chain=dstnat action=redirect to-ports=8080 protocol=tcp dst-port=801 chain=srcnat action=masquerade out-interface=ether1
I believe something should be altered, perhaps on filter rules but I do not know which part.
Can someone assist me ?
TIA
Paul