On 23/08/2015 10:36 p.m., wmunny william wrote: > >>> Sorry to jump on a late thread - it is also possible to use ICAP/eCAP server to filter the actual contents of the stream. >>> >>> C-ICAP comes to mind first, then eCap samples from http://www.e-cap.org/Downloads >>> >> >> And the *CAP services is a better solution than either URL-rewriting or >> chaining proxies. Since the HTTPS only gets MITM'd once, not twice or more. >> >> Amos >> _______________________________________________ > > > Hello All, > > I know DansGuardian, e2guardian, squidguard but no free solution with ICAP > Do you have an advice for this ? > > Maybe there are some "hubs", Squid > icap > DansGuardian ? Looking for one single thing that does everything DG or e2guardian do, or wraps them completely is the wrong approach. They are almost full-blown proxies like Squid. The *CAP design is to leave all the transfer proxying and caching duties to software like Squid and only perform the actual content adaptation policies in the service/module. You need to look at what DG is doing for you now and how much of that is available from squid.conf capabilities. Most of it usually is. Only the remaining "fiddling with payloads" bit actually needs a third-party service. GreasySpoon or qlproxy seems to be the high profile ones. c-icap and Traffic Spicer seem to offer frameworks rather than pre-made filters <http://www.squid-cache.org/Misc/icap.html> The interfaces GreasySpoon or qlproxy describe say easily scriptable to do filtering. Though filtering is a huge topic, so "easily" is up for interpretation. And fiddling around with your customers content is very site-specific about what can or can't be done. Thus the frameworks and script engines being most high profile. HTH Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
