Hi,
my http Proxy runs in transparent mode and is enabled. I have tested the usage of the HTTP proxy transparent mode skiplist.
The (complete) internal network is member of the HTTP Proxy allowed networks.
I added one host to the transparent mode skiplist and tested from this PC.
First test:
Allow http traffic for listed hosts/nets : enabled
Browsing without restrictions is possible, also no categories from the default http proxy configuration are active -> that’s OK.
The access to the internet is possible even if there is a packet filter definition active that rejects all HTTP-traffic. So the packet filters are not evaluated. That was to be expected.
Second test:
Allow http traffic for listed hosts/nets : DISABLED now.
Browsing without restrictions is possible, also no categories from the default http proxy configuration are active -> that’s not what I have expected!
Now the packet filter definitions are evaluated. I need a packet filter that rejects all HTTP-traffic.
I tested with no active proxy profiles and with one matching proxy profile – without differences. So profiles don’t have effects.
I think that this reaction is wrong and not what’s documented. If the HTTP traffic is not allowed for the skiplist hosts/nets, these systems must not to be allowed to access via HTTP to the internet.
Regards Juergen
Guest User!
You are not Sophos Staff.
