Never used l7 for doing that kind of filtering, dont know if it's possible.
Anyway, if you need some hard filtering based on URLs, both http and https, i would recommend that you use an http/https proxy, just like squid, for doing that.
Completly block https (TCP/443) traffic with iptables and get your clients for use an http/https proxy and does the filtering there. I'm pretty convinced it will be easier and you'll have a lot more flexibility on the rules. Squid's ACLs are pretty flexible, you should give it a try.
vects escreveu:
Hi, I'm looking for solution of the next problem, I have to enable/disable an access to list of https web servers, I don't know in advance IPs of them, permit rule must be based of the url user typed in location bar. Is possible to do that by iptables and extentions? I thought about l7 filter.
-- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, NÃO mandem email gertrudes@xxxxxxxxxxxxxx My SPAMTRAP, do not email it
