My OpenSuse 10.2 box is set up with Squid/Dansguardian and is used to filter web content of any wireless users of my Internet. Currently I’m using wpad on a separate DNS server which forces users to use my proxy server.
However, if the users go into their browser settings and turn off the setting to ‘automatically detect settings’, then they can get around my filter. Typical port 80 requests are still filtered, but port 443 requests are not. This allows them to use https proxies and get around my filter. Currently I have a simple router sitting between my WAP and the OpenSuse filter. The router’s only purpose is to deny all port 443 requests. This forces the user to reconfigure their browser if they want to use secure (port 443) websites. Then, everything runs fine through my filter.
My question is, how can I do the same thing with my Linux server as the router is doing? I just want to block port 443 on the NIC that the wireless traffic comes into. Then, I can get rid of the extra router. I’m using the YAST firewall on OpenSuse 10.2.
Thanks for any help…
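
One way to reproduce the router's port 443 block on the Linux box itself with iptables, as an added example that is not part of the original post. It assumes the wireless clients arrive on `eth1` and that the box forwards their traffic; the interface name, the log prefix and the function names are illustrative.

```shell
#!/bin/sh
# Added example, not from the original post.
# Assumption: wireless clients arrive on eth1 and this box routes their traffic.
WLAN_IF="${WLAN_IF:-eth1}"

# Print the iptables argument lists (one rule per line) for interface $1.
wlan_https_rules() {
    iface="$1"
    # Accept only characters valid in an interface name, so the value
    # cannot smuggle extra iptables options into a rule.
    case "$iface" in
        ''|*[!A-Za-z0-9._-]*)
            echo "invalid interface: $iface" >&2
            return 1 ;;
    esac
    # Direct HTTPS from a wireless client is routed traffic, so it crosses
    # the FORWARD chain. Clients that use the proxy connect to the box itself
    # (INPUT), and Squid's own outbound HTTPS leaves via OUTPUT, so neither
    # is touched by these rules.
    # Rule 1: rate-limited log entry, to see who is trying to bypass the proxy.
    echo "-I FORWARD 1 -i $iface -p tcp --dport 443 -m limit --limit 6/min -j LOG --log-prefix wlan-https-block:"
    # Rule 2: reject with a TCP reset so the browser fails at once
    # instead of waiting for a timeout.
    echo "-I FORWARD 2 -i $iface -p tcp --dport 443 -j REJECT --reject-with tcp-reset"
}

# Load the rules into the running kernel (needs root).
apply_wlan_https_rules() {
    rules=$(wlan_https_rules "$1") || return 1
    printf '%s\n' "$rules" | while read -r rule; do
        # Word splitting of $rule is intended: each line is an argument list.
        iptables $rule || exit 1
    done
}

# Only touch the firewall when explicitly asked: APPLY=1 sh this-script.sh
if [ "${APPLY:-0}" = 1 ]; then
    apply_wlan_https_rules "$WLAN_IF"
fi
```

Run without `APPLY=1`, the script changes nothing; call `wlan_https_rules eth1` to review the rules first. SuSEfirewall2 rebuilds the rule set when it restarts, so rules loaded by hand have to be re-applied after a firewall reload.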