Access Lists

There is already a pre-configured access list in IPBrick specifying this: Attempts to access sites made from LAN origin which aim sites not included in the destination group INVALID nor the porn blacklist, in an undefined period (24 hours) are accepted. Because there are no more lines created, all the remaining will be blocked (Figure 4.9).

Access lists have the following structure:

• Source: Origin group identification that is aimed by the rule;
• Destination: Destination groups identification that are aimed by the rule;
  • Available Groups: You can make for the created destination groups the following rules: Access to included sites ONLY IN destination group x; Access to sites NOT IN destination group x; Access to sites ALLOW IN destination group x;
  • Blacklists: Lets you select which blacklists are activated. Example: If the porn list is selected, every sites that are out of the list can be accessed.
• Period: The time period (already inserted) that the rule is active;
• Policy: This is not configurable, the value is always to deny all that is not set in the access lists.

Access lists should be ordered by rules from generic to specific. The generic rules should be placed at the top and more specific rules should be placed at the bottom (as in the firewall case). If there are several access lists you can order them clicking on Order by.

Figure 4.9: Proxy - Access Lists