Just to add, I have to clarify because it may not be the web cache. So when I use transparent mode and web caching, the browser runs slower (I believe it runs slower because it must figure out where the packets come from to pass through), so I made a generic proxy from port 80 and 53 to the web proxy port. Runs twice as fast now!!
Just to add, I have to clarify because it may not be the web cache. So when I use transparent mode and web caching, the browser runs slower (I believe it runs slower because it must figure out where the packets come from to pass through), so I made a generic proxy from port 80 and 53 to the web proxy port. Runs twice as fast now!!
Can you elaborate on how you configured the generic proxy? Is the traffic just going out via the generic proxy or do you have it redirected to the web filtering somehow?
Just to add, I have to clarify because it may not be the web cache. So when I use transparent mode and web caching, the browser runs slower (I believe it runs slower because it must figure out where the packets come from to pass through), so I made a generic proxy from port 80 and 53 to the web proxy port. Runs twice as fast now!!
Can you elaborate on how you configured the generic proxy? Is the traffic just going out via the generic proxy or do you have it redirected to the web filtering somehow?
dilandau, to answer your question (my apologies), I'm not using the Generic Proxy to redirect web filtering; only the transparent proxy within the Web Filtering, nothing browser specific and not to other subnets. I did test the ability to apply the Web filtering to different subnets however (x.x.1.0/24 and x.x.2.0/24) and it works fine. I was able to set different Qualities of Service for different devices using different or static IP addresses. That worked great!
I used to have the Generic Proxy to forward to IPFire, but IPv6 was a problem (it is not supported in IPFire) as well as comprehensive web filtering. It's not as mature as Sophos UTM. Sure it can use domain or regex, but I just really don't know where their filtering list's come from or who's updating them. Then they added additional tools to browse anonymously, so I deleted that image quick.....not part of that cause.
The base filtering wasn't working at first either. Now the profile will filter first and then fallback (now Base filter) will block all like I wanted. It could have been resolved when I created new WAN side interfaces.
