firewall url filter
Bill Davidsen
davidsen at tmr.com
Sat Jan 24 20:55:05 UTC 2009
roland wrote:
> Hallo,
>
> I have a network with a fedora-server and several workstations-Vista
> Microsoft (client doesn't want any linux pc's). The users are connected
> to the internet via a router Lancom.
>
> The client wants to prevent users to connect to sex sites.
>
> Can I use the fedora-box as a firewall, filtering several url's or
> filtering several keywords?
>
You can filter all you want and some will get through. Alternatively you can
just log all http SYN packets and tell people explicitly that they may have to
justify access to any site they visit, or justify using a redirector, etc. That
worked quite well at a few places of which I'm aware, it tends to block a lot
more than porn, also social sites, etc. You can also log the size of downloads,
even using https they have size.
It's a hard call between free access, security, and avoiding paying people for
their hobbies. Some places only log during business hours, but have a policy
about unannounced scans of business computers.
--
Bill Davidsen <davidsen at tmr.com>
"We have more to fear from the bungling of the incompetent than from
the machinations of the wicked." - from Slashdot
More information about the fedora-list
mailing list