Block all web traffic, except for certain IP addresses

Discussion in 'other firewalls' started by Alex_100, Dec 1, 2017.

  1. Alex_100

    Alex_100 Registered Member

    Joined:
    Dec 1, 2017
    Posts:
    1
    Location:
    EU
    I am looking for a way to block all web traffic, except for certain IP addresses.

    This is about a small home network of three Windows 7 computers. One of them is connected to the Internet through an ADSL modem. I use this server to route the Internet traffic to the other two computers (workstations), which are directly connected to it through regular network cards.

    On the server I have set up:
    • a proxy application (Fiddler) that decrypts and filters all HTTP(S) traffic, all based on script rules - brilliant piece of software, BTW!
    • an IPsec rule that completely blocks all traffic on ports 80 and 443 that originates from the workstations;
    This way, I enforce that all web requests pass through Fiddler, otherwise the web cannot be accessed. This is the main reason for this network configuration, and to this point I have managed to implement everything without any issue!

    The problem is that I also need to set up an exception to the IPsec rule. This exception needs to allow certain IP addresses to pass through freely. That is because I need a few websites to be directly accessible from the workstations, this way bypassing the Fiddler proxy.

    Unfortunately, I have not found a way to successfully implement the exception for the IPsec rule on the server. It seems to me the 'block' rule takes precedence over the 'permit' rule when I set it up in the 'IP Security Policy' console (so, all traffic is blocked), and there is no way to set a priority flag for the two.

    I have also tried to move away from IPsec rules and give Windows Firewall a chance. To do this, I set up the server firewall to block all inbound web traffic by default. At the same time I added an exception rule to the 'Inbound Rules' section that would allow certain IPs to pass through. However, when checking this solution from one of the workstations, I found out that no web request was actually blocked, not a single one! I tried blocking both inbound and outbound traffic at the same time, with the same result... none blocked. Traffic was indeed blocked when trying to access the web from the server itself, but this is not what I am looking for since the server is only meant to act as a web filter for the two workstations. It is not meant for web browsing.

    I have been looking for a solution for days (googled a lot during this time!), yet I have not had any success so far (very frustrating!). My experience with networking is also very limited.

    If you believe you have a solution to my problem, I would appreciate it if you could please take a few minutes to write it down here. If possible, I would prefer not to change too much in the whole configuration scheme, since everything is set and working fine (apart from the exception rule).

    Thank you kindly,

    Alexander
     
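Added example (not part of the thread, and not the poster's own configuration): the same block-plus-exception policy expressed with the legacy `netsh ipsec static` context, which is the scriptable equivalent of the 'IP Security Policy' console on Windows 7. Legacy IPsec filters are matched most-specific-first rather than in list order, so the design here relies on the permit filters (one destination address, one port) outranking the block filters (any destination, one port). All addresses are constructed placeholders: 192.168.0.0/24 is assumed to be the workstation LAN and 203.0.113.10 / 203.0.113.20 stand in for the sites that may bypass the proxy. Run it from an elevated prompt on the server only.

```powershell
# Added example, not from the thread. Builds one legacy IPsec policy on the
# Windows 7 router host with two rules: block TCP 80/443 from the workstation
# subnet to anywhere, and permit the same ports to a short list of destinations.
# Constructed placeholders: replace the subnet and the two destination addresses.

$policy  = "WebFilterPolicy"
$lanNet  = "192.168.0.0"
$lanMask = "255.255.255.0"
$allowed = "203.0.113.10", "203.0.113.20"   # sites reachable without Fiddler (assumed)
$ports   = 80, 443

# 1. The policy object that carries both rules (left unassigned until the end).
netsh ipsec static add policy name=$policy

# 2. Broad filter list: web ports from the LAN to any destination.
netsh ipsec static add filterlist name="BlockWeb"
foreach ($port in $ports) {
    netsh ipsec static add filter filterlist="BlockWeb" srcaddr=$lanNet srcmask=$lanMask dstaddr=any protocol=TCP srcport=0 dstport=$port mirrored=yes
}

# 3. Narrow filter list: the same ports, but only to the allowed destinations.
#    Each filter names a single host, which makes it more specific than the
#    dstaddr=any filters above and therefore the one that is applied.
netsh ipsec static add filterlist name="AllowDirect"
foreach ($ip in $allowed) {
    foreach ($port in $ports) {
        netsh ipsec static add filter filterlist="AllowDirect" srcaddr=$lanNet srcmask=$lanMask dstaddr=$ip protocol=TCP srcport=0 dstport=$port mirrored=yes
    }
}

# 4. Filter actions: plain block and plain permit, no negotiation.
netsh ipsec static add filteraction name="BlockAction"  action=block
netsh ipsec static add filteraction name="PermitAction" action=permit

# 5. Rules binding each filter list to its action inside the policy.
netsh ipsec static add rule name="BlockWebRule"    policy=$policy filterlist="BlockWeb"    filteraction="BlockAction"
netsh ipsec static add rule name="AllowDirectRule" policy=$policy filterlist="AllowDirect" filteraction="PermitAction"

# 6. Assign (activate) the policy, then print it to verify both rules are present.
netsh ipsec static set policy name=$policy assign=y
netsh ipsec static show policy name=$policy level=verbose

# To back out while testing from a workstation:
#   netsh ipsec static set policy name=$policy assign=n
```

After assignment, test from a workstation rather than from the server: a request to one of the allowed addresses should connect directly, while a request to any other site on port 80 or 443 should fail unless it goes through the proxy. If an allowed site still gets blocked, compare the two filter lists in the verbose output; a permit filter that omits the port or uses a different protocol than the block filter is no longer the more specific of the two.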
  2. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,097
    Did you try putting the permit rule before the block rule? Some firewalls work on a system of list order precedence.