How to block proxies?

Discussion in 'Tomato Firmware' started by Runner3000, Aug 10, 2007.

  1. Runner3000

    Runner3000


    I was wondering if anyone could tell my how to block most or (preferably) all proxies. I'm using Tomato v1.07 on WRT54GL v1.1
  2. wborba

    wborba

    Please, be more specific in your question.
    What proxies do you want to block ? internal proxies ? external (public) proxies ?

    Btw, "Access Restriction" option lets you block specific source or destination IP address, ports, etc

  3. mikester

    mikester

  4. Runner3000

    Runner3000

    First, sorry for not being more specific the first time around.

    Second, I was thinking of external (public) browsers like

    I know I can block specific ips, but there's like a bazillion proxies out there. So I was hoping for some smart way of doing it, without actually knowing each and every ip.

    oh yes and it's gotta be 100% transparent to user.
  5. mikester

    mikester

    Why not log proxy traffic then start blocking IP's?

    You could also start blocking by keyword i.e. anything with "proxy" gets dropped.
  6. ifican

    ifican

    The best way around this is to use a web filtering program, there are lots out there but Websense comes to mind. If that is not an option the second best is to only allow outbound port 80 traffic and block everything else unless there is a specific need, proxies generally use ports other then 80 and 443. Other then that unless you as suggested start logging everything and blocking ip's 1 at a time its hard. Believe me i have gone down that route, having to log, block, log, block, log, block, until i got tired of it and just shut down access to the troublesome group until they could be talked too.
