WinGate Forums

[cheese]

I'm hoping this is an easy one, but I can't find anything certain.

Basically I want to set WinGate up to block ALL web traffic except to one single site. Can I do this?

Why? We're setting up wireless access in an office where people can come in and search records on our web server. Wireless will be open (no WEP, WPA, broadcast SSID) and no auth to a proxy server. But we don't want them to have anything other than the web site we allow.

[cheese]

As usual, I find the answer:

# First I needed to create a system policy to allow all access. If I did not have a system policy, DNS was failing.
# Then I needed to enable transparent tunneling. Apparently you need this by default for filtering?
# Then I needed to edit the WWW proxy service to for ban-lists using "this criterion is NOT met if" to the web servers I need to access.

Odd thing is that I needed to access two individual servers, but I could not add them under a single ban list. I needed to create two policies, one each with a single ban list of the "this criterion is NOT met if" criterion.

[logan]

The logic in policies are "Filters are OR'd / Criterions are AND'd". That's why when you make a blacklist, you use a different filter for each criterion, and when you make a whitelist, you put all the criterions in one filter. You can't be at two URL's at the same, but you can "not" be at two URL's at the same time. I hope this helps explain why you need to use seperate filters for a banlist.