HTTP Proxy

8.1. General configuration

Through HTTP Proxy → General you can access into the eBox's proxy HTTP general configuration.

At the configuration window these options are detailed:

Transparent proxy

If transparent proxy is enabled, every eBox user will use the transparent proxy without noticing it. If it is disabled, you should configure each browser to work through the proxy.

Warning

Transparent proxy feature is only working when eBox has at least an internal and an external interface

Port

You can assign a proxy port. It will be used by the browsers, inside the network, to connect to Internet.

Default policy

It is the default policy for the proxy users. Free (allow all) access, filter contents or always deny access can be selected. Later, this policy can be modified for each network object where you need an specific behaviour, as it is explained below

Warning

If you establish a configuration which denies access to administration interface from the machines connected to eBox, you should allow the host where you want to connect from, or you could lose the connection with the web interface.

8.2. Filter settings

At HTTP Proxy → Filter settings, you can select the filter settings to those elements of this network which set their policy to filter.

Warning

The filter needs a 'filter' policy to be in effect

You may set the content filter threshold which establishes a restriction level to web contents with explicit sex and violence items to be filtered by the proxy.

To perform a more detailed filter policy. A tab menu is shown with the following elements:

File extensions filtering

You may choose which file extensions are allowed to be downloaded through the HTTP proxy. To allow extensions you must edit the row and check the box in the Allow element. A special "All extensions" form exists to apply the same policy to all extensions at once. You may add as many extensions you require by adding new ones. Several ones are set by eBox.

Any extension not listed here is, by default, allowed. In future releases, this behaviour may change.

MIME type filtering

You may select which file MIME types are allowed to be downloaded through the HTTP proxy. The management is analogous to the extension filtering explained above.

Domains filtering

You may customise which domains are allowed or denied to visit by editing the table Domains list. Write the full domain name, whose default behaviour you require to change. The domain name does not require the "www" string. For instance, you add as allowed domain "www.warp.es", we'd set "warp.es" domain.

Furthermore, you may block those domain sites which are not in the domains list overriding default allowance policy. It also let block those sites which does not have a fully qualified name (FQDN) and, therefore, they use an IP address to access to their content

8.3. Policy establishment

Through HTTP Proxy → Objects' Policy it is possible to establish one connection policy for every network object, allowing a different configuration for each newly created objects. This configuration will be applied previously to the eBox global policy for the selected objects.