-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 10/24/2016 09:17 PM, Grant Pasley wrote: > Hi All, > > I have a transparent proxy using Diladelle Web Shield and > forwarding all http / https traffic to Squid. Chrome users seem to > still be able to browse certain blocked sites, presumably because > of the way Chrome uses the QUIC protocol. What is the best method > of blocking this traffic in shorewall? >
Reject any unneeded loc->net UDP traffic. - -Tom - -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJYD3dlAAoJEJbms/JCOk0QVycP/3s9G/sWPZ6bQPUjrDw9Q398 Q4oJzBttGflTnmy1M6Elk7qhsW8VxHrP5p7Uyt+rumSLaFKCU/sxYUMS1hi2zbs8 rQSCSQFGihdSjv7KyUDy1QkTJ5Yax0uekGmiU34NaRmufCaqzH9N1wqZkhqQmDZ6 CoxLvGY1rRHRwnqAV6J0KVtCA6Dvmh7feg1mXDMlrwL1V4HDMiFTcbDmyoK9SZ6j NqeZU6PeWPrDkARsC5nCeAa8DBN2OkXrugZeuipaA5Vm5F4ApA4r5+7O+4Bjoedj PBVO6/vU4xgiCMPitD8OPrRmki6dRoo5e6u+UJPlbhB3v7P9U3CNWPxKKSDjIg9V 8EWckzjQaR3Yqoeu92r5Gacz/AcdVSSePxuM3w2cH/LELemM1v0DRJecb/NBsaiR ccIzylGjUPLqTwxudKgcTAv4ru16xLxfFJV4GdAZG4cQC6mT8/F+kYmlqTYvkEhv a6ulhoQju9cMg/mWMgPOXgpBLEk/HF0FuZN7xF/3nW+/ej9XXi778vrPKizOgJfV 50Lxhl9BEI2eOd3Hj6t/enbwBzcDRYnZPJOR6ykWYRZZo7FgGe6wyndGRh0GktAZ RaWs60lkHakOHfdTSnjaDGnVrF5efK0CpRYMwv/hZFuRu7QsQDa0ZGirkZAET6K6 52o2ywlwSzq4u9tsqK8V =/dIr -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ The Command Line: Reinvented for Modern Developers Did the resurgence of CLI tooling catch you by surprise? Reconnect with the command line and become more productive. Learn the new .NET and ASP.NET CLI. Get your free copy! http://sdm.link/telerik _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
