Date: Wed, 26 Sep 2007 02:32:28 +0100 From: RW <mlt01@mlists.homeunix.com> To: freebsd-questions@freebsd.org Subject: Re: PF: block out port 80 so that not allow clients in LAN to browse Internet via port 80 Message-ID: <20070926023228.51a0855a@gumby.homeunix.com.> In-Reply-To: <200709260015.36772.fbsd.questions@rachie.is-a-geek.net> References: <46F91290.7050500@fpt.vn> <20070925224014.5f88fda7@gumby.homeunix.com.> <200709260015.36772.fbsd.questions@rachie.is-a-geek.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 26 Sep 2007 00:15:36 +0200 Mel <fbsd.questions@rachie.is-a-geek.net> wrote: > Well, he could block, but transparently doing it without annoying > users is better(tm). It depends. If they are doing a lot of ftp downloading, you may want to force it to go though squid, so it can be cached. And you can't really do that in combination with http interception. There is also the issue with interception that https will bypass squid, which is a loophole if you want to want monitor access, or block sites.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070926023228.51a0855a>