Date: Fri, 3 Aug 2007 10:06:15 +0200 From: Patrick Proniewski <patpro@patpro.net> To: Ali Faiez Taha <aftaha@cirp.usp.br> Cc: freebsd-pf@freebsd.org Subject: Re: Block WWW.ORKUT.COM Message-ID: <EDF8D957-D85E-4665-B7FC-A974797D0FD2@patpro.net> In-Reply-To: <20070803073610.GA39968@quartzo.cirp.usp.br> References: <20070803073610.GA39968@quartzo.cirp.usp.br>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, On 03 août 2007, at 09:36, Ali Faiez Taha wrote: > What I need to do to block the access to www.orkut.com, via > webproxy, anonymizer sites and direct access ? > I am using FreeBSD with PF, without Proxy server, 2 NICs (one for > Iternet and one for Intranet). > Actually I use a table with a lot of IP address blocked. This is just impossible, unless may be you have as much money and power as the chinese government. What you want to do is layer 7 firewalling: ie. looking into the HTTP transmitted, determine if it comes from orkut (directly or via a proxy), and block accordingly. You might want to known: even this won't work if the client uses HTTPS to connect to the proxy/ anonymizer (in that case, HTTP transfer is encrypted, and you can't eavesdrop the http content.) patpro
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?EDF8D957-D85E-4665-B7FC-A974797D0FD2>