
Re: Controlling all HTTP traffic


 



On Mon, Oct 13, 2008 at 01:40:06AM +0300, Ali Hardogan wrote:
> >
> > Depending on your OS/firewall, you may have the ability to search packets for HTTP
> > traffic. But it is intensive, not foolproof and an unnecessary kludge.
> 
> Right. And I cannot be using Squid for that. Instead I need to rely on
> another instance of the blacklist enforced by the OS/firewall.

I was originally thinking that you might redirect such traffic, but yes it's
impossible since the TCP-session is already established when you see HTTP
content. So yes your only option is to drop traffic to bad places.

> Another approach could be to direct all port 80/3128/8080 TCP
> connections to Squid, and drop any packet that carries any HTTP
> payload through any other port. This approach relies on the assumption
> that the only HTTP traffic that uses one of those other ports is a
> proxy HTTP that is trying to "evade" the filter. How valid would this
> assumption be?

If your only option is to play hide-and-seek, then you must use such
methods. Filter all by default and only open on request.
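
The "filter all by default and only open on request" policy from this thread, sketched as an nftables ruleset. This is an added example, not part of the original message; it assumes Squid runs on the filtering router itself, and the interface name `lan0`, the listener port 3129 and all addresses are placeholders.

```nftables
# Added example: constructed ruleset; names, ports and addresses are placeholders.
table ip egress_gate {
    # Destinations opened on request, as (server address . TCP port) pairs.
    set opened_on_request {
        type ipv4_addr . inet_service
        elements = { 192.0.2.10 . 22,
                     192.0.2.25 . 587 }
    }

    chain prerouting {
        type nat hook prerouting priority dstnat; policy accept;
        # The ports named in the thread are handed to the local Squid
        # listener (port 3129 is an assumption) instead of leaving the LAN.
        iifname "lan0" tcp dport { 80, 3128, 8080 } redirect to :3129
    }

    chain forward {
        # Default deny: nothing is forwarded unless a rule below allows it.
        type filter hook forward priority filter; policy drop;
        ct state established,related accept
        # DNS only to the site resolver (placeholder address).
        iifname "lan0" ip daddr 192.0.2.53 udp dport 53 accept
        # Explicitly requested destinations.
        iifname "lan0" ip daddr . tcp dport @opened_on_request accept
        # Everything else leaving the LAN is logged and dropped, so HTTP
        # on an unexpected port never needs payload inspection.
        iifname "lan0" log prefix "egress-denied: " counter drop
    }
}
```

Redirected connections terminate on the router and so never reach the forward chain; only traffic that is actually routed onward is subject to the default drop.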

