From owner-freebsd-questions@FreeBSD.ORG Sun Jun 20 13:41:09 2010 Return-Path: Delivered-To: questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 60E89106566B for ; Sun, 20 Jun 2010 13:41:09 +0000 (UTC) (envelope-from aimass@yabarana.com) Received: from mail-vw0-f54.google.com (mail-vw0-f54.google.com [209.85.212.54]) by mx1.freebsd.org (Postfix) with ESMTP id 24BB88FC15 for ; Sun, 20 Jun 2010 13:41:08 +0000 (UTC) Received: by vws20 with SMTP id 20so468108vws.13 for ; Sun, 20 Jun 2010 06:41:08 -0700 (PDT) MIME-Version: 1.0 Received: by 10.229.182.16 with SMTP id ca16mr1876054qcb.88.1277041268096; Sun, 20 Jun 2010 06:41:08 -0700 (PDT) Sender: aimass@yabarana.com Received: by 10.229.232.207 with HTTP; Sun, 20 Jun 2010 06:41:08 -0700 (PDT) In-Reply-To: <634820.90569.qm@web43415.mail.sp1.yahoo.com> References: <634820.90569.qm@web43415.mail.sp1.yahoo.com> Date: Sun, 20 Jun 2010 09:41:08 -0400 X-Google-Sender-Auth: 2Bf5N-FrjUsHg4e3Ytnm1UILnig Message-ID: From: Alejandro Imass To: questions@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: Subject: Re: freebsd internal X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 20 Jun 2010 13:41:09 -0000 On Sun, Jun 20, 2010 at 3:43 AM, cisco Baz wrote: > to whom it may concernim going to make=A0 a freebsd =A0such that it can a= ct as a web url filtering gateway but i dont want use tools such as dansgua= rdian or squidguard or ... tools that use proxy to implement url web filter= ing , also dont want to use firewall package in freebsd such as pf , i want= to write a program such as pf but such that can filter based on layer 7 in= formation but independent of other package even if needed change kernel , .= .. Please explain _why_ you don't want to use a proxy, and _why_ you won't/can't use packet filtering? HTTP __is in fact layer 7__, so why the need to write your own proxy? I mean, writing a layer 7 URL filtering is in a fact a proxy like Squid, so why do you want/need to craft you own proxy? Perhaps, you don't want your users to know that you are filtering them. or you don't want to set-up the proxy in each browser? That is called an "intercepting proxy" and filters all traffic on the gateway, and you would still use a combination of pf and squid. If you don't want to use squidguard, or dansguardian because of the messages they sent to the user, you can customize that to say or redirect to another form of not authorized page. Please explain the _why_ in your original post and perhaps it would be easier to help you > > so can you please help me a little=A0 ? > best regards > > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.o= rg" >