Page 1 of 3 123 LastLast
Results 1 to 10 of 29
  1. #1
    Untangle Ninja Silver Bullet's Avatar
    Join Date
    Sep 2007
    Posts
    1,946

    Default How To: Block sites accessed by IP Address

    I have seen a couple forum topics asking about blocking sites that are accessed by it's IP address to get around the Web Filter. Well, here is how this is done using the Protocol Control module.

    Click Show Settings on the Protocol Control Module.

    Select the Protocol List tab

    Click the green + sign to create a new rule.

    You should have a new line appear green in the rules list.

    In the Category cell, enter Block Access by IP

    In the Protocol Cell, enter Access by IP

    Check the Block and check the Log cells

    In the Description Cell, enter Block requests made with IP address

    In the Signature Cell, enter
    Code:
    (GET|POST|HEAD) [^ ]+ HTTP.*host: \b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b
    Click Save

    Now try to access a site by it's IP address. You should get a blank page and an Event should show up as blocked in the Protocol Control module's Event Log.

    I have tested this and it seems to work fine. What that signature does is checks the "host" field in the request and if it contains an IP address in an http request, then it blocks it.

    Have Fun enforcing the Web Filter!!

    Thanks Seb for helping me fine tune it.
    Last edited by Silver Bullet; 03-01-2008 at 08:54 PM. Reason: Edited rule

  2. #2
    Untangle Ninja Silver Bullet's Avatar
    Join Date
    Sep 2007
    Posts
    1,946

    Default

    Edited the signature in the original post so that it should only apply to HTTP traffic.

  3. #3
    mdh
    mdh is offline
    Untangle Ninja mdh's Avatar
    Join Date
    Aug 2007
    Posts
    4,752

    Default

    HOT STUFF!

  4. #4
    Newbie
    Join Date
    Mar 2008
    Posts
    1

    Default

    Thank you for sharing this tip. It works great!

  5. #5
    Untanglit MSoucy's Avatar
    Join Date
    Sep 2007
    Posts
    25

    Default

    Thank YOU!

    One more step closer to only having one box for my firewall/filter

  6. #6
    Untangle Ninja Silver Bullet's Avatar
    Join Date
    Sep 2007
    Posts
    1,946

    Default

    Quote Originally Posted by MSoucy View Post
    Thank YOU!

    One more step closer to only having one box for my firewall/filter
    What else is keeping you?

  7. #7
    Untanglit
    Join Date
    Mar 2008
    Posts
    15

    Default

    Thanks. Just what I needed.

  8. #8
    Untangler fartman's Avatar
    Join Date
    Mar 2008
    Posts
    63

    Default

    Thanks, tested in 5.10 and it works.

  9. #9
    Master Untangler Ron Chandy's Avatar
    Join Date
    Feb 2008
    Posts
    132

    Default

    "WOW" silver Bullet that was great stuff. IS there a system to block email addresses also. I have started a thresd on it..
    I believe in Angels...

  10. #10
    Master Untangler
    Join Date
    Apr 2008
    Posts
    136

    Default


    Thank you for this. Infact back in school I used to get around the filters by using IPs so this is great.

Page 1 of 3 123 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2