This time I’m going to demonstrate about how to block https web traffic using ZeroShell proxy. As POC I’s going to block https://www.facebook.com here. This was done under ZeroShell version 3.3.2 which is most recent version at the time I’m writing.
1) Open firewall menu from web GUI
“SECURITY” –> “FIREWALL”
2) Add new rule to the “FORWARD” chain.
3) Configure the https blocking rule from “Rule Config” sub windows.
Following parameters are important.
Input :- ETH03 (my LAN Port, change this according to your environment)
Source IP :- ip or rang of ip which this rule is going to apply
Protocol Matching :- TCP
Dest. port :- 443 (https port)
IPTABLES Parameters :- -m string –algo kmp –string facebook.com (most important configuration)
ACTION :- DROP
4) Make sure you have ticked the “Active” to above rule.
this method works perfectly for any https enable web site.
3 comments
meg
April 19, 2016 at 3:18 pm (UTC 5.5) Link to this comment
Hi ! I want to make the action drop. i tried but didn’t work for me, is their a way to do it? TIA 🙂
I am new to ZS. 🙂
Luis Franco
May 15, 2016 at 5:39 am (UTC 5.5) Link to this comment
That solution doesn’t work for me :'(
admin
May 17, 2016 at 5:06 pm (UTC 5.5) Link to this comment
ZeroShell has limited features. why don’t you try SOPHOS free tools .
Sophos XG Firewall (home edition) is capable to filter https traffic as well. 🙂