Date: Thu, 7 Jan 1999 21:45:05 -0800 (PST) From: "Michael V. Harding" <mvh@ix.netcom.com> To: ludwigp@bigfoot.com Cc: vev@michvhf.com, mvergall@mail.double-barrel.be, freebsd-stable@FreeBSD.ORG, ee123@rocketmail.com, don@calis.BlackSun.org Subject: Re: Looking for a software Message-ID: <199901080545.VAA04354@netcom1.netcom.com> In-Reply-To: <4.1.19990107165949.00c9b840@mail-r> (message from Ludwig Pummer on Thu, 07 Jan 1999 17:02:54 -0800) References: <Pine.LNX.3.96.990107204129.1745A-100000@ns.double-barrel.be> <4.1.19990107165949.00c9b840@mail-r>
next in thread | previous in thread | raw e-mail | index | archive | help
Better yet, set squid up to transparent proxy. Then they won't have to set anything up. You can do this with -current, which is going stable soon. -- Mike H. X-Sender: ludwigp2@mail-r Date: Thu, 07 Jan 1999 17:02:54 -0800 From: Ludwig Pummer <ludwigp@bigfoot.com> Cc: freebsd-stable@FreeBSD.ORG, Eric <ee123@rocketmail.com>, Don <don@calis.BlackSun.org> Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG X-RULES: lists At 11:59 AM 1/7/99 , Vince Vielhaber wrote: > >On 07-Jan-99 Michael C. Vergallen wrote: >> >> On Thu, 7 Jan 1999, Don wrote: >> >>> > I guess you wan't to use a firewall to allow access to certain clients ? >>> > this is done with ipfwadm ... have a Look at http://www.xos.nl/ for more >>> > info. The package is normally for linux but you should be able to compile >>> > under FreeBSD. >>> If this gentleman is looking for firewalling software is there any reason >>> he wouldnt use IPFW which is built right into FreeBSD? IPFW is exactly >>> like ipfwadm except it is our version and it works right. >> Probably so however I did not know the package existed on FreeBsd ... >> could not find a reference... When I used appropos on my box it didn't >> return a result and even the list I generate off the ports didn't return >> anything so I assumed that it was unexistant on FreeBSD. However now I >> come to think about his question it may be that he required only to use >> the .htaccess files to block access to certain URL's... > >I thought he was trying to only allow his users to access a list of URL's >on the outside. eg. they can go to www.freebsd.org but they can't go to >www.playboy.com. > >Vince. In that case, he'd probably run Squid or another web proxy and define ACLs (I have no idea how, i just know it can be done) for URLs for certain hosts. He'd have all of the machines set up to use his Squid server for their http proxy. Then he'd set up IPFW to deny outbound TCP with a destination port 80, except that coming from the squid machine (to prevent people from getting around the proxy by shutting off their web proxy in their web browsers). --Ludwig Pummer ( ludwigp@bigfoot.com ) ICQ UIN: 692441 ( ludwigp@email.com ) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199901080545.VAA04354>