This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How can I block a certain link?

I'm trying to block a certain link on google sites.   For some reason, any type of blacklist rule I try, isn't working.   

https://sites.google.com/site/unblockedgames4me/

 

Any suggestions or tips?    



This thread was automatically locked due to age.
Parents
  • If you are new to UTM, it is important to understand how UTM works.   Start by reading the articles and some of the other links that are referenced there.   They contain important information that is not in the manual.

    Additionally, there is a lot of information about Chrome that is not well documented, which fortunately has been explored on this forum.   Chrome has a feature called QUIC which uses UDP 443 to provide faster browsing of https sites (when the server is also a Google system).   Chrome's attempt sequence is:

    1. Try UDP 443 with the Standard Proxy (if configured)
    2. Try UDP 443 ignoring the Standard Proxy
    3. Try TCP 443 with the Standard Proxy (if configured)
    4. Try TCP 443 ignoring the Standard Proxy

    By default, the following result will occur:

    1. UTM standard proxy blocks UDP 443.   UTM transparent proxy ignores UDP 443.   Either way the UTM Web Proxy is bypassed
    2. UTM firewall allows UDP 443 (because you probably configured a default-allow rule for outbound traffic.

    The solution is to block outbound UDP 443 using a firewall rule. 

    It is possible to force UDP 443 through the Standard Proxy by adding UDP 443 to the Allowed Ports list, but Sophos has never said that they have tested UDP 443 with their web filter, so I prefer to block it completely.

    With UDP 443 blocked at the firewall, Chrome will be forced to use TCP 443, which will be handled by either the Standard Mode or Transparent Mode web proxy.

    This issue comes up a lot.   I just don't know how to post it so that people see it before they need it.

Reply
  • If you are new to UTM, it is important to understand how UTM works.   Start by reading the articles and some of the other links that are referenced there.   They contain important information that is not in the manual.

    Additionally, there is a lot of information about Chrome that is not well documented, which fortunately has been explored on this forum.   Chrome has a feature called QUIC which uses UDP 443 to provide faster browsing of https sites (when the server is also a Google system).   Chrome's attempt sequence is:

    1. Try UDP 443 with the Standard Proxy (if configured)
    2. Try UDP 443 ignoring the Standard Proxy
    3. Try TCP 443 with the Standard Proxy (if configured)
    4. Try TCP 443 ignoring the Standard Proxy

    By default, the following result will occur:

    1. UTM standard proxy blocks UDP 443.   UTM transparent proxy ignores UDP 443.   Either way the UTM Web Proxy is bypassed
    2. UTM firewall allows UDP 443 (because you probably configured a default-allow rule for outbound traffic.

    The solution is to block outbound UDP 443 using a firewall rule. 

    It is possible to force UDP 443 through the Standard Proxy by adding UDP 443 to the Allowed Ports list, but Sophos has never said that they have tested UDP 443 with their web filter, so I prefer to block it completely.

    With UDP 443 blocked at the firewall, Chrome will be forced to use TCP 443, which will be handled by either the Standard Mode or Transparent Mode web proxy.

    This issue comes up a lot.   I just don't know how to post it so that people see it before they need it.

Children
No Data