|
Troubles with an ip site 1 Year ago
|
|
|
Hello everyone
I need to browsing through a site with it's ip addres. I've got set this ip addres in "Exception Site List" section of the content-filter and "Web Site Bypass" section of the proxy, but, this configurations don't help me to browse trough this ip.
Can anyone help me with an opinion?
|
|
|
|
|
|
|
Re:Troubles with an ip site 1 Year ago
|
|
|
open your command prompt.
nslookup <your-ip-address>
you will get the registered domain name of this ip address.
now add this site to your exception list.
sorry ,if it looks crazy..
|
|
|
|
|
|
|
Re:Troubles with an ip site 1 Year ago
|
|
|
Thanks sivabalan for your answer,
However, there's no some name registered to this ip addres, when I typed nslook xxx.xxx.xxx.xxx, the answer was the public dnsserver, no more.
The ip addres look's like this, It's just an example: h_t_t_p_s://190.190.190.2:8443/charge (the "_" is just to can post the protocol), I've investigated about this site, it is installed on a Jboos server. So, with this aditional information, some another idea?
Thanks again for all
|
|
|
|
Last Edit: 2012/05/07 14:42 By marvin_lc.
|
|
|
Re:Troubles with an ip site 1 Year ago
|
|
|
Please, someone, help me.
At the work, we try to connect a site with HTTPS protocol to the site XXX.XXX.XXX.XXX:XXXX, It means, a site with it's public Ip addres and a determinated port.
I've got opened the port in the incoming and outgoing rules, the ip is seted on content filter and proxy exceptions, however, the page can't be opened, What is my fail? What is needed on the configuration to permit the browsing through this site?
Please, Help me, time is running, and I've no a solution yet.
Thanks!
|
|
|
|
Last Edit: 2012/05/07 17:58 By marvin_lc.
|
|
|
Re:Troubles with an ip site 1 Year ago
|
|
I don't think you should have any incoming rule. Those rules are for traffic destined for ClearOS and not through ClearOS to the LAN. Also is your outgoing policy is to allow, you should not need an outgoing rule either, but it should not make any difference.
Can you give the output to: | Code: |
iptables -L PREROUTING -n -v -t nat
|
Is the target site using a non-standard port? |
|
|
|
|
|
|
Re:Troubles with an ip site 1 Year ago
|
|
|
Thanks Nick,
Yes, the target site uses a non-standar port, 8443
My clearos policy of outgoing is "Block all outgoing traffic - specify allowed destinations", I've specified this port on my incoming and outgoing rules.
Yesterday I was watching the access log of squid, the error with the target is TCP_DENIED/403, so I think that is some content-filter or dansguardian trouble, but, Which one?
|
|
|
|
|
|
|
Re:Troubles with an ip site 1 Year ago
|
|
Can you try adding an iptables rule: | Code: |
iptables -t nat -I PREROUTING -d 1.2.3.4 -j ACCEPT
|
Replace 1.2.3.4 with your destination address. |
|
|
|
|
|
|
Re:Troubles with an ip site 1 Year ago
|
|
|
Nick,
I've installed ClearOs 5.2, so, the file where I've add the rules is /etc/rc.d/rc.firewall or /etc/rc.d/rc.firewall.local?
|
|
|
|
|
|
|
Re:Troubles with an ip site 1 Year ago
|
|
|
To try the rule out, add it at the command line. To make it permanent either add it in the Custom Firewall Rules module or directly to /etc/rc.d/rc.firewall.local.
If it works you can make the rule more specific to the port in question but then you'd possibly need 2 rules, one for tcp and one for udp.
|
|
|
|
|
|
|
Re:Troubles with an ip site 1 Year ago
|
|
|
Nick,
I've add those rules, but, I can't open the site yet!
iptables -t nat -I PREROUTING -d 1.2.3.4 -p tcp -dport 8443 -j ACCEPT
iptables -t nat -I PREROUTING -d 1.2.3.4 -p udp -dport 8443 -j ACCEPT
|
|
|
|
|
|
|
