Date: 04 Oct 2001 11:28:51 +0100 From: Wayne Pascoe <wayne.pascoe@ehsrealtime.com> To: Dale Chulhan - Home <dchulhan@uwi.tt> Cc: freebsd-questions@freebsd.org Subject: Re: Network -> Internet Filtering Message-ID: <86g08zbsws.fsf@pan.home.penguinpowered.org.uk> In-Reply-To: <3BBC3939.32AD020@uwi.tt> References: <3BBC3939.32AD020@uwi.tt>
next in thread | previous in thread | raw e-mail | index | archive | help
Dale Chulhan - Home <dchulhan@uwi.tt> writes: > Dear List, > > I currently have several labas at a school attached to one interface of > my checkpoint firewall and I was wondering the following: > > 1) What's the best method to automatically deny an ip address access > from the internet when certain keywords are matched > 2) How can I limit groups of sites by time? > 3) How can I filter content by type ( say .mp3, .pdf etc.... ) by time > and group? > 4) How can I filter downloaded file sizes by type by time and group? > 5) How can I throttle bandwitdh on a per IP basis? I would suggest that you look at squid as a proxy server in the first instance. Have your firewall transparantly redirect all outgoing traffic to port 80 or 21 to the proxy server. Let the proxy server handle the requests. This will also save bandwidth when many people view the same site. I don't really know about keywords, but squid is quite configurable. For the bandwidth throttling, see the other discussions here about fair bandwidth sharing. -- Wayne Pascoe <wayne.pascoe@ehsrealtime.com> Things fall apart; the center cannot hold; Mere anarchy is loosed upon the world. - Yeats To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86g08zbsws.fsf>