Hey Sergio,
There are couple approaches to content filtering in the Linux world and in other spaces.
Squid is open source and gives a lot but there are other ideas and ways to perform content filtering.
Squid was designed for caching and does things in a specific way while other solution might give a feature that would work "without interception".
On http it is doable to perform filtering in a very efficient way that is similar to Squid's PEEK and SPLICE but there is a need in some level of Interception in one step or another to perform the actual "block" operation.
I do not know about Open Source products that offers everything and it is very simple to understand why.
What I know about are
- Squid + external tools(such as SquidGuard, ufdbguard, others)
- Ntop layer 7 filtering
- Custom DPI iptables modules
- NFQUEUE based IPS\IDS which can act as a url filtering engine
Consider that if you require only filtering and not caching then you can get very high performance from many applications.
The fact that Squid was designed for Caching doesn't mean that you need to use it.
Also there are couple cases which caching will hold your line and users speed.
The best case scenario would be to not Intercept the traffic into squid while in many cases it is not possible.
Eliezer
----
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: eliezer@xxxxxxxxxxxx
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
