Support Center

How To Set up Client Web Access Filtering

Last Updated: May 17, 2012 05:02PM CDT
How to Setup Client Web Access Filtering

Content filtering in atomOS relies upon the use of the Web Proxy feature, which can be found in the menu system under Network Services / Managed Access.
Click 'Enable Web Proxy Service' and save the setting by clicking 'Save' at the bottom of the page. Click on the 'Web Proxy' menu item to refresh the new menus. 
Once the Web Proxy service is enabled, several related services will be started:
  • Download and population of the URL Classification Database. Depending upon the connection speed to the internet, it may take a few minutes to complete the initial population.
  • The configuration menu for creating Access Control Lists will become available.
  • Port 3128 (by default) will become available for client proxy connections.

In order for the proxy services and filtering to work properly, client machines must be configured to use proxy services - either at the system or browser level. Use of the proxy connection can be restricted by using filter rules, and it is recommended that once use of the proxy is mandated by the network administrator that a firewall block rule for HTTP be created for LAN connections. Creation of Firewall Filter Rules are detailed in a separate document

There are several advantages to the use of the Web Proxy Service:
  • Traffic is cached which enhances performance on the client side. The cache setting are completely configurable based upon the user environemnt.
  • Allows the administrator to control source IPs and MAC IDs.
  • Traffic can be allowed to travel to controlled destination Ports, IPs, specific URLs, or a defined URL Classification.
  • Conversely, traffic can also be blocked by the same criteria.
  • Traffic can be controlled by day of week or time of day, or any combination thereof.
  • Specific rules can also be logged to track client-side behaviors

By itself, the Web Proxy service provides a powerful and easy to maintain measure of control over client behaviors.
Once the Web Proxy Service is enabled, it is important to create at least one Access Control List (ACL) rule that allows traffic to pass through the proxy. By default, if there are no ACL rules, all traffic is blocked by the proxy service. This is done in the interest of security.

To create a new ACL:
  • Click on the Access Lists menu.
  • Click on the green Plus button.
  • The only 'required' field is the Rule Name. All other fields will default to an 'allow' state for ease of initial configuration.
  • As more rules are created, various combinations of configuration parameters can be set, allowing for a great deal of flexibility in creating the controlled environment.
  • ACLs are processed in an ordinal fashion - meaning that the first rule which meets the specified parameters will be processed and further rules will be ignored.
  • ACLs can be reorganized in the interface by using a combination of the checkbox and the left-arrow button.
  • ACLs can be edited and reordered at any time, those changes taking effect when the 'Apply Changes' button is selected.
  • It is recommended that the rules be ordered from most-restrictive to least-restrictive so that traffic is controlled as expected.

To include URL Classification lists, go to the URL Classification screen and enable the desired categories by clicking on each. In the interest of enhanced performance, only enable those URLs that are likely to be incorporated into an ACL rule.

Please submit additional questions to <>.

  • 下载并聚集URL分类数据库。这取决与互联网的连接速度,首次聚集将会花费几分钟时间。
  • 控制入口清单的设置菜单将会显示。
  • 端口3128(默认)将会对Port 3128 对客户代理链接可见。



  • 通信量将会被隐藏,这将会提高客户的使用性能。隐藏设置完全基于使用者的环境
  • 允许管理员管理IP以及MAC ID的来源
  • 通讯量可被允许通往可控端口,IP,具体的URL,或已被定义的网址分类
  • 相反的,通讯也可以被相同条件阻隔
  • 通讯按天或按小时或按照各种相关时间控制
  • 一些特定规则也可以对客户端的行为进行追踪


  • 点击接入列表菜单
  • 点击绿色的加号按钮
  • 唯一“要求”字段是“规则名称”。所有其它字段都会默认为“允许”,此为用来减少初始设置
  • 随着创建更多规则,很多设置组合因子都可被创建,允许很多浮动来创造可控环境
  • 控制列表被创建为有序样式 ---- 这意味着,第一个规则如果符合特定因素将会被通过,其它规则将会被忽略
  • 控制列表界面是被检查栏以及左向箭头按钮组合的
  • 控制列表在任意时间被设置以及重新设置顺序,当选择“申请变更”时,这些变化将会被启动
  • 建议规则顺序从最多限制到最少限制,这样通讯可以如期所控。


更多问题,请发送至 <>.

Contact Us
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
Invalid characters found