From owner-freebsd-questions@FreeBSD.ORG Sat Jun 2 08:09:59 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id BC3F216A421 for ; Sat, 2 Jun 2007 08:09:59 +0000 (UTC) (envelope-from tedm@toybox.placo.com) Received: from mail.freebsd-corp-net-guide.com (mail.freebsd-corp-net-guide.com [65.75.192.90]) by mx1.freebsd.org (Postfix) with ESMTP id 812A613C45A for ; Sat, 2 Jun 2007 08:09:59 +0000 (UTC) (envelope-from tedm@toybox.placo.com) Received: from TEDSDESK (nat-rtr.freebsd-corp-net-guide.com [65.75.197.130]) by mail.freebsd-corp-net-guide.com (8.13.8/8.13.8) with SMTP id l5289vbI044685; Sat, 2 Jun 2007 01:09:58 -0700 (PDT) (envelope-from tedm@toybox.placo.com) From: "Ted Mittelstaedt" To: "RW" , Date: Sat, 2 Jun 2007 01:10:44 -0700 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.6604 (9.0.2911.0) In-Reply-To: <20070601132317.214026bc@gumby.homeunix.com.> X-Mimeole: Produced By Microsoft MimeOLE V6.00.2800.1896 Importance: Normal X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-3.0 (mail.freebsd-corp-net-guide.com [65.75.192.90]); Sat, 02 Jun 2007 01:09:58 -0700 (PDT) Cc: Subject: RE: Squid and IPFW X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 02 Jun 2007 08:09:59 -0000 > -----Original Message----- > From: owner-freebsd-questions@freebsd.org > [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of RW > Sent: Friday, June 01, 2007 5:23 AM > To: freebsd-questions@freebsd.org > Subject: Re: Squid and IPFW > > > On Thu, 31 May 2007 13:13:36 -0400 > "Spiros Papadopoulos" wrote: > > > Dear all, > > > > I would like to setup a gw / firewall (IPFW) which will also run > > Squid, in order to restrict access to certain websites > > or to allow certain workstations to have full access to the internet. > > How can I redirect all traffic going to port 80 on the gw, to port > > 3128 on Squid > > Are you really sure you want to do that way? Squid wont be able to > control access to https or ftp. And what about http on non-standard > ports, e.g. http://easynews.com:81 > The people that are smart enough to get around this kind of a block in an organization are generally not the problem. It is the morons that have no concept of appropriate use of the Internet in the workplace who are the problems, and they will be effectively stopped. I use much the same setup for my 8 year old son. He only gets Internet access to websites that we have approved and added to the squid list. Ted