Hello, I'm using iptables for a firewall on a school network. Recently we've noticed a couple of users trying to use proxies to bypass our filtering. Ordinarily this is no problem, as we're blocking standard proxy ports. However, some users have wised up and started using proxies on port 80. We've been blocking based on port, and obviously we can't block all of port 80 outbound. Is there any way to block a proxy on port 80 and still have it be transparent to the users? The only thing I can think of would be string matching, which I've added. But it's my understanding that this really slows things down for one, and also I wouldn't know how to go about finding the string(s) I need to block. Any ideas? Thanks!
