[ previous ] [ next ] [ threads ]
 
 From:  "Don Munyak" <don dot munyak at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Fwd: [m0n0wall] dansguardian squid transparent proxy rdr
 Date:  Wed, 27 Dec 2006 13:38:21 -0500
---------- Forwarded message ----------
From: SDamron <sdamron at gmail dot com>
Date: Dec 27, 2006 1:17 PM
Subject: Re: [m0n0wall] dansguardian squid transparent proxy rdr
To: Don Munyak <don dot munyak at gmail dot com>
Cc: m0n0wall at lists dot m0n0 dot ch


You would need to use a list to block that type of thing.  That is one
of the major reasons that companies make money from selling content
filtering solutions, they spend A LOT of TIME compiling the lists for
blocking, say, All web based email, etc.  If you wanted to block say
something like GMail, you would just block *.gmail.com, or
*.gmail.google.com, or some such thing.


SDamron,

Filtering by domain, ip, phraselist ins't really the issue, although I
appreciate your feedback.

When a user on the LAN requests a page via http(80), m0n0wall
redirects that request to the server on the DMZ. The server on the DMZ
then approves or blocks the request. If approved, the server then acts
as a proxy for all communication between client request and public
server response.

Currently, all https( 443) requests are not redirected to the server
on the DMZ. The "how to make this happen" was my question, in terms of
m0n0wall.

Don