----- "Zhu Sha Zang" <[email protected]> wrote:
> Hey, I'm using pfsense with transparent proxy (squid + squidGuard)
> working well here.
>
> But some users on my network are using ultrasurf, which everyone knows
> uses port 443 to connect to proxies around the internet.
>
> Isn't possible to block 443 port and open it selectively.
>
> Then, what is the better way to block ultrasurf in this situation?
>
> thanks.

You could put a rule on your LAN (or whatever interface your users connect from) that blocks all outbound HTTPS traffic. Then, keeping rule order in mind, selectively create allow rules for those IPs you wish to allow outbound access to HTTPS.

Ensuring the legitimate users have the proper IP address and the malicious users don't change it manually or spoof it is a whole different story. :-)

Tim Nelson
Systems/Network Support
Rockbochs Inc.
(218)727-4332 x105
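
The rule ordering described in the reply above, as an added example that is not part of the original thread: a small Python model of first-match, top-down rule evaluation (the way pfSense processes an interface's rule list), showing why the per-IP allow rules must sit above the HTTPS block rule. The addresses and the `Rule`, `evaluate` and `https_report` names are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "pass" or "block"
    src: str               # source network in CIDR form, or "any"
    dport: Optional[int]   # destination TCP port; None matches any port

def evaluate(rules, src_ip, dport):
    """Return the action of the first matching rule; no match means block."""
    addr = ipaddress.ip_address(src_ip)
    for rule in rules:
        src_ok = rule.src == "any" or addr in ipaddress.ip_network(rule.src)
        port_ok = rule.dport is None or rule.dport == dport
        if src_ok and port_ok:
            return rule.action
    return "block"  # implicit default deny when nothing matches

# Constructed LAN: 192.168.1.0/24, two hosts approved for outbound HTTPS.
ALLOW_HTTPS = [Rule("pass", "192.168.1.10/32", 443),
               Rule("pass", "192.168.1.11/32", 443)]
BLOCK_HTTPS = Rule("block", "any", 443)
LAN_TO_ANY = Rule("pass", "192.168.1.0/24", None)

CORRECT = [*ALLOW_HTTPS, BLOCK_HTTPS, LAN_TO_ANY]
BLOCK_FIRST = [BLOCK_HTTPS, *ALLOW_HTTPS, LAN_TO_ANY]    # allow rules never reached
BLOCK_LAST = [*ALLOW_HTTPS, LAN_TO_ANY, BLOCK_HTTPS]     # block rule never reached

def https_report(rules):
    """Map each sample client to the decision for its outbound port-443 traffic."""
    clients = ["192.168.1.10", "192.168.1.11", "192.168.1.50"]
    return {ip: evaluate(rules, ip, 443) for ip in clients}

if __name__ == "__main__":
    for name, rules in [("correct", CORRECT), ("block first", BLOCK_FIRST),
                        ("block last", BLOCK_LAST)]:
        print(f"{name:12} {https_report(rules)}")
```

The decision depends only on the source address the firewall sees, which is why the reply's caveat about users changing their address still applies to a correctly ordered rule set.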
