marcelloc / Unofficial-pfSense-packages

Unofficial packages for pfSense software

Support Transparent Proxy bypass Wildcard support #53

Open forid786 opened 5 years ago

forid786 commented 5 years ago

Hi Marcello,

Would it be possible to add wildcard support to the transparent proxy? For example, you have a few situations like for WhatsApp where their domains are: server1.cdn.whatsapp.net:443, server2.cdn.whatsapp.net:443, server3.cdn.whatsapp.net:443

Could we make it so that we can set a wildcard on the proxybypass like this: *.cdn.whatsapp.net:443 so even if the subdomain changes, it will still bypass the proxy completely. Not only would this let things work more efficiently, it would stop a lot of issues occurring and make it easier to whitelist sites.

Regards, Forid

2w-consultoria commented 5 years ago

Bypass is based on Aliases, so e2Guardian is not related to this; an Alias needs an IP or FQDN.

forid786 commented 5 years ago

@2w-consultoria I know it has Alias support, that is what I am using. However, pfSense does not support wildcards in Aliases. This is why I am requesting this feature; without wildcards you need to put multiple entries in an Alias.

forid786 commented 5 years ago

@marcelloc Sarg supports Wildcards, maybe you can use some code from there if necessary.

marcelloc commented 5 years ago

> @marcelloc Sarg supports Wildcards, maybe you can use some code from there if necessary.

The bypass we use on e2guardian is a firewall/rule bypass; it needs an IP, CIDR or FQDN.

With bypass, it cannot be done.

forid786 commented 5 years ago

Picking up on this again, maybe we can make it so E2 Guardian just ignores it even if the traffic is transparently sent to E2 Guardian?

When using MITM, it becomes quite important in this day and age to whitelist apps and programs correctly due to Certificate Pinning. So adding this feature would be very helpful. :)
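The distinction this thread turns on, as an added example that is not code from e2guardian, pfSense or this package: an IP, CIDR or FQDN can be placed in a firewall alias, while a wildcard such as `*.cdn.whatsapp.net` can only be compared against a hostname. The function names are hypothetical, and entries are assumed to be given without the `:443` port suffix.

```python
import ipaddress
import re

# One DNS label: letters, digits and hyphens, not starting or ending with a hyphen.
_LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")

def classify_entry(entry):
    """Return 'ip', 'cidr', 'fqdn', 'wildcard' or 'invalid' for one bypass entry."""
    host = entry.strip().lower().rstrip(".")
    try:
        ipaddress.ip_address(host)
        return "ip"
    except ValueError:
        pass
    if "/" in host:
        try:
            ipaddress.ip_network(host, strict=False)
            return "cidr"
        except ValueError:
            return "invalid"
    labels = host.split(".")
    if labels[-1].isdigit():          # e.g. a malformed IPv4 address
        return "invalid"
    if len(labels) >= 3 and labels[0] == "*" and all(_LABEL.match(l) for l in labels[1:]):
        return "wildcard"
    if len(labels) >= 2 and all(_LABEL.match(l) for l in labels):
        return "fqdn"
    return "invalid"

def wildcard_matches(pattern, hostname):
    """Match hostname against '*.suffix', only on a label boundary."""
    if classify_entry(pattern) != "wildcard" or classify_entry(hostname) != "fqdn":
        return False
    suffix = pattern.strip().lower().rstrip(".")[1:]    # '*.a.b' -> '.a.b'
    host = hostname.strip().lower().rstrip(".")
    return host.endswith(suffix) and len(host) > len(suffix)

def split_for_bypass(entries):
    """Separate what a firewall alias can hold from hostname-only patterns."""
    alias, hostname_only = [], []
    for e in entries:
        kind = classify_entry(e)
        if kind in ("ip", "cidr", "fqdn"):
            alias.append(e)           # resolvable to addresses by the firewall
        elif kind == "wildcard":
            hostname_only.append(e)   # no finite address list to resolve to
    return alias, hostname_only
```

Keeping the leading dot in the suffix comparison is what stops `*.cdn.whatsapp.net` from matching a look-alike such as `evilcdn.whatsapp.net`, which matters when a match means traffic skips inspection.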