[ previous ] [ next ] [ threads ]
 From:  Lee Sharp <leesharp at hal dash pc dot org>
 To:  "m0n0wall at lists dot m0n0 dot ch" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] log visited sites of captive portal users.
 Date:  Sun, 03 May 2009 11:43:23 -0500
YvesDM wrote:

> It's not a matter of being expensive or not.
> I just don't want to setup proxy servers on all locations we provide
> service.
> We have too many locations and many of them just don't have/want the space
> provided to put an extra box.
> Also, a single machine on each location is hard to manage.
> We manage everything as central as we can and we like to keep it that way.

I am wondering if as NAT redirect could send all web traffic to a 
central proxy elsewhere on the net...  Of course, this does nothing for 
https, and the law will make no distinction.

Another option would be to set up a enterprise wide VPN, and have 
EVERYTHING use a central DNS server at your home location.  Then track 
DNS lookups, and assume that people are connecting with something.

But all this will depend on what exactly is required in the law.