Endian banner

The Proxy Menu

In this page you find:

A proxy server is a system, located between a client (who requests a web page or some resource) and the outside networks with the purpose to catch all the client’s requests, retrieve the requested resources, and transmit them to the client. The main advantage of a proxy server is its ability to cache (i.e., to store locally) all the pages that have been requested, making future requests of the same pages faster.

The Endian UTM Edge Appliance features a DNS proxy, based on dnsmasq, that provides also anti-spyware functionalities, based on the information contained in the phishtank web site, a community-driven site devoted to inform and keep users updated about sources of phishing on the Internet.


The DNS proxy is a proxy server that intercepts DNS queries and answers them, without the need to contact a remote DNS server each time it is necessary to resolve an IP address or a hostname. When a same query is often repeated, caching its results locally may sensibly improve performances. The available settings for the DNS proxy are grouped into three tabs.

DNS proxy

A few options for the DNS proxy can be configured in this page.

Transparent on Green, Transparent on Blue, Transparent on Orange

Enable the DNS proxy as transparent on the GREEN, BLUE, and ORANGE zone, respectively. They appear only if the corresponding zones are enabled.

Specific sources and destinations can be set up to bypass the proxy by filling in their values in the two text areas.

Which sources may bypass the transparent Proxy

Allow the sources under the corresponding text area not to be subject to the DNS scanning. The sources can be specified as IP addresses, networks, or MAC addresses.

Destinations to which bypass the transparent Proxy

Allow the destinations under the corresponding text area not to be subject to the DNS proxy scanning. The destinations can be specified as IP addresses or networks.

DNS Routing

This page allows the management of custom domain - nameservers pairs. In a nutshell, whenever a sub-domain of a domain is queried, the corresponding nameserver in the list will be used to resolve the domain into the correct IP address.

A new domain - nameserver combination can be added by clicking on the Add new custom nameserver for a domain link. When adding an entry, a few values can be entered for the various options available:


The domain for which to use the custom nameserver.

DNS Server

The IP address of the nameserver.


An additional comment.

On each domain in the list, these actions can be carried out:

  • edit - edit the rule.

  • delete - delete the rule.


Changed in version 2.5-20130102: the DNS blacklist

This page presents configuration options about the reaction of the Endian UTM Edge Appliance when asked to resolve a domain name that is known to be either used to propagate spyware or that serves as phishing site. The options that can be set are:


The requests are redirected to localhost. In other words, the remote site will neither be contacted nor reachable.

Whitelist domains

Domain names that are entered here are not treated as spyware targets, regardless of the list’s content.

Blacklist domains

Domain names that are entered here are always treated as spyware targets, regardless of the list’s content

Spyware domain list update schedule

The update frequency of the spyware domain list. Possible choices are Daily, Weekly, and Monthly. By moving the mouse cursor over the respective question mark, the exact time of the update execution is shown.


to download updated signatures, the system must be registered to Endian Network.

Table Of Contents

Previous topic

The Firewall Menu

Next topic

The VPN Menu

Documentation archive (Endian UTM)

Version 2.5
Version 2.4
Version 2.3
Version 2.2
Version 2.1

Other products

Endian 4i Edge 3.0
Endian UTM 3.0