Hi, On Sun, Jun 22, 2008 at 1:23 AM, Jose Ildefonso Camargo Tolosa > for 1: maybe iptables + l7filter ( http://l7-filter.sourceforge.net/ ). > for 2: iptables, yup, plain iptables. > for 3. not sure... but maybe iptables + l7filter too. > All the problem with iptables is it is NOT suitable to handle a lot of rules, it has been discussed in netfilter mailing list before... Currently I have a proxy written using C which store IP info in memory which is lighting fast and efficient. I just wonder should I merge this proxy into squid or not. (They are running at the same machine now) Howard
