Dear Team
Please let me know how to configure URL filtering and application control in vyos.
@devashish
You can use webproxy to filter urls.
Hello apostoliuk
can i get the commands if i want to allow only www.gmail.com url and expect this other url is blocked
i have already used below commands :-
:~$update webproxy blacklists
iam using below commands for filtering on vyos 1.4 rolling version but nothing happens.
set service webproxy listen-address 192.168.10.1
set service webproxy listen-address 192.168.10.3
set service webproxy url-filtering squidguard local-block ‘youtube.com’
set service webproxy url-filtering squidguard local-block ‘facebook.com’
set service webproxy url-filtering squidguard log ‘local-block’
First upgrade vyos1.4 on the latest version.
If you use webproxy, you should use proxy configuration on client side too.
Try ‘disable-transparent’ option in ‘set service webproxy listen-address’ command.
Iam using the latest 1.4 rolling version which comes on 15-feb-2023
I don’t understand what do you mean to use proxy configuration on client side. what configuration need to configure and where.
from where we can get option "disable tranparent " there is no option in there
There is an option: https://docs.vyos.io/en/latest/configuration/service/webproxy.html#cfgcmd-set-service-webproxy-listen-address-address-disable-transparent
-
I don’t understand what do you mean to use proxy configuration on client side. what configuration
need to configure and where.Every client’s OS has proxy configuration. You can find it on the Internet.
Here for Windows
Use a proxy server in Windows - Microsoft Support. -
About option ‘disable-transparent’. @pepe showed you the correct link.
-
set service webproxy url-filtering squidguard local-block ‘youtube.com’
This command is not correct. You should use
set service webproxy url-filtering squidguard local-block-url ‘youtube.com’ -
To allow only gmail.com is difficult, because it uses many redirects. You should allow all of them in ‘local-ok-url’ section.
Dear Team
everything is working good when i allowed google.com its working , when i allowed facebook.com its working but when i allowed twitter.com but its not working .
below is my command:-
set service webproxy cache-size ‘1024’
set service webproxy default-port ‘8080’
set service webproxy listen-address 192.168.10.1 disable-transparent
set service webproxy url-filtering squidguard default-action ‘block’
set service webproxy url-filtering squidguard local-block-url ‘youtube.com’
set service webproxy url-filtering squidguard local-ok-url ‘google.com’
set service webproxy url-filtering squidguard local-ok-url ‘facebook.com’
set service webproxy url-filtering squidguard local-ok-url ‘twitter.com’
currently i blocked the youtube on above command, but when i allowed it on local-ok-url , and remove it from block list ,it is giving me the same issue the youtube is not open like twitter .
set service webproxy url-filtering squidguard local-ok-url ‘youtube.com’
same issue comes now with facebook.com,its not open properly
please let us know why we need “local-ok” and “local-block”
is there anything i missed ???
Dear Team
Now my all url is not working even though all comes in local-ok-url list.
what happening is this ???
now below is my current command :-
set service webproxy cache-size ‘1024’
set service webproxy default-port ‘8080’
set service webproxy listen-address 192.168.10.1 disable-transparent
set service webproxy url-filtering squidguard default-action ‘block’
set service webproxy url-filtering squidguard local-ok-url ‘facebook.com’
set service webproxy url-filtering squidguard local-ok-url ‘twitter.com’
set service webproxy url-filtering squidguard local-ok-url ‘youtube.com’
If i remove the Line “default-action ‘block’” , now every url is working , but this is not what i want
Hello @devashish
I tried your configuration. In my case, it works.
But as I said before many sites use redirects and other things. It works, but it does not show clearly.
I recommend using url-filtering only to block specific URLs or categories.
is this webproxy url filtering is working on VyOS 1.2.0 ???
Actually i tried it on 1.4 rolling version but i need to know is this working on vyos 1.2.0 version
We do not recommend using such old version. If you want to use webproxy, we recommend using 1.4 ver.
The last bugs in webproxy were fixed in 1.4.
And all these fixes will be available in 1.3.3