From owner-freebsd-questions Fri Dec 21 15: 3: 7 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mail.bacxs.com (67.8.24.120.winterpark-ubr-b.cfl.rr.com [67.8.24.120]) by hub.freebsd.org (Postfix) with ESMTP id 58BA337B417 for ; Fri, 21 Dec 2001 15:03:05 -0800 (PST) Received: from massive.bacxs.com by mail.bacxs.com with SMTP (MDaemon.PRO.v5.0.0d.R) for ; Fri, 21 Dec 2001 18:01:39 -0500 Message-Id: <5.1.0.14.0.20011221175604.02472540@127.0.0.1> X-Sender: mwoodson@127.0.0.1 X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Fri, 21 Dec 2001 18:01:38 -0500 To: "Teo Carlsson" From: Mark Woodson Subject: Re: ipf quiestion Cc: freebsd-questions@freebsd.org In-Reply-To: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Return-Path: mwoodson@bacxs.com X-MDaemon-Deliver-To: freebsd-questions@freebsd.org Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG At 11:47 PM 12/21/2001 +0100, you wrote: >Hello i wonder if ipf can log and see what type of pages users are visiting. > >We want to check if they are pornsurfing or serious surfers? No, ipf will not do this kind of content filtering. You could have it log ip addresses for pages visited with a rule like this. pass out quick log on proto tcp from port > 1023 to any port = 80 flags S/SA keep state But this is going to log the start of each connection to a web server, and not tell you which page was visited. Inelegant at best, a huge waste of time most likely. It's much better to do this kind of thing with an application proxy (like squid) for http. -Mark -Mark To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message