INTRODUCTION

Block Facebook, Twitter and YouTube HTTPS Traffic In Squid Transparent Mode

After setting up Squid as a transparent proxy, most system admins want to block Facebook, Twitter and YouTube on their network.


All of these sites use HTTPS by default for security reasons, but unfortunately the basic configuration of Squid in transparent proxy mode neither allows nor blocks HTTPS traffic.

To understand how Squid deals with HTTPS traffic, please refer to our previous article, How to Allow HTTPS Traffic While Using Squid as Transparent Proxy Mode.

After reading that article, I assume you now know how Squid in transparent proxy mode behaves with HTTPS traffic and how we allowed HTTPS traffic using the IPv4 forwarding feature.

So in this guide we will learn how to block HTTPS traffic while Squid is running as a transparent proxy.

We now understand that port 443 traffic passes through the iptables firewall rather than through Squid. So with the help of the iptables string matching feature we will see how to block Facebook, Twitter and YouTube HTTPS traffic. A plain string match can recognise an HTTPS destination because the TLS ClientHello that opens every connection carries the requested hostname (the SNI field) in cleartext, even though everything after the handshake is encrypted.

Note: refer to this guide to enable iptables in CentOS 7: How to Enable Iptables Firewall in CentOS 7 / RHEL 7

Iptables Rule to Block Facebook in Squid Transparent Proxy Setup

iptables -I FORWARD -p tcp --dport 80 -m string --string 'facebook.com' --algo bm --to 65535 -j DROP
iptables -I FORWARD -p tcp --dport 443 -m string --string 'facebook.com' --algo bm --to 65535 -j DROP

Iptables Rule to Block Twitter in Squid Transparent Proxy Setup

iptables -I FORWARD -p tcp --dport 80 -m string --string 'twitter.com' --algo bm --to 65535 -j DROP
iptables -I FORWARD -p tcp --dport 443 -m string --string 'twitter.com' --algo bm --to 65535 -j DROP

Iptables Rule to Block YouTube in Squid Transparent Proxy Setup

iptables -I FORWARD -p tcp --dport 80 -m string --string 'youtube.com' --algo bm --to 65535 -j DROP
iptables -I FORWARD -p tcp --dport 443 -m string --string 'youtube.com' --algo bm --to 65535 -j DROP

The rules above apply to every host whose port 80 and 443 traffic passes through the firewall, but you can apply the same rule to a single IP address, a range of IP addresses or a whole network.

To Apply Same Rule on Single IP Address

iptables -I FORWARD -p tcp --dport 443 -s 192.168.2.10 -m string --string 'youtube.com' --algo bm --to 65535 -j DROP

To Apply Same Rule on Range of IP Addresses

iptables -I FORWARD -p tcp --dport 443 -m iprange --src-range 192.168.2.11-192.168.2.15 -m string --string 'youtube.com' --algo bm --to 65535 -j DROP

The rule above blocks youtube.com only for the specified IPs 192.168.2.11 to 192.168.2.15; all other addresses in the range remain allowed.

To Apply Same Rule on Whole Subnet of 192.168.2.0/24

iptables -I FORWARD -p tcp --dport 443 -s 192.168.2.0/24 -m string --string 'youtube.com' --algo bm --to 65535 -j DROP
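The rules above are typed one at a time, and because `-I` always inserts a fresh copy at the top of the chain, re-running them after a reboot or a config change silently stacks duplicates. The script below is an added example (not from the original post): it assembles the same `-m string` FORWARD rule for any domain, optionally scoped to a single IP, an iprange, or a CIDR subnet, and wraps each insert in an `iptables -C` check so the rule is only added when it is not already present. The source argument and the domain list are constructed for illustration; the script only prints the commands, so you can review them before piping them to a root shell.

```shell
#!/bin/sh
# Added example, not part of the original post. Assumes iptables with the
# xt_string match (-m string) available, exactly as the post's rules do.

# build_rule DOMAIN PORT [SOURCE]
# Prints the rule specification (everything after "iptables -I FORWARD").
# SOURCE may be empty (all hosts), an address or CIDR (uses -s), or an
# "a.b.c.d-w.x.y.z" range (uses -m iprange --src-range).
build_rule() {
    domain=$1
    port=$2
    source=$3
    args="-p tcp --dport $port"
    case "$source" in
        "")  ;;                                              # whole network
        *-*) args="$args -m iprange --src-range $source" ;;  # address range
        *)   args="$args -s $source" ;;                      # host or subnet
    esac
    # Same match as the post: boyer-moore search over the first 65535 bytes
    # of payload, which covers the hostname in an HTTP Host header (port 80)
    # or the SNI field of a TLS ClientHello (port 443).
    printf '%s -m string --string %s --algo bm --to 65535 -j DROP\n' "$args" "$domain"
}

# emit_block DOMAIN PORT [SOURCE]
# Prints an idempotent shell line: insert the rule only if -C cannot find it.
emit_block() {
    rule=$(build_rule "$1" "$2" "$3")
    printf 'iptables -C FORWARD %s 2>/dev/null || iptables -I FORWARD %s\n' "$rule" "$rule"
}

# main [SOURCE]
# Generates the six rules from the post (three sites, ports 80 and 443),
# scoped to SOURCE when one is given.
main() {
    for d in facebook.com twitter.com youtube.com; do
        for p in 80 443; do
            emit_block "$d" "$p" "$1"
        done
    done
}

# Constructed usage: print the rules for the post's example subnet.
# Review the output, then run it as root with:  sh this_script.sh 192.168.2.0/24 | sudo sh
main "${1:-}"
```

Two caveats worth keeping in mind when deploying these rules. First, `-m string` inspects each packet on its own: if a client's ClientHello is split across TCP segments so that the hostname does not sit inside one packet, the match misses it, and conversely any port 80 payload that merely contains the text `facebook.com` (a page that links to it, for instance) is also dropped. Second, `-C` compares the exact rule specification, so the check only de-duplicates rules produced with the same arguments; rules added by hand with different quoting or option order will still be inserted again.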

If you face any difficulty related to this guide, tell us in the comments. Thanks.
