OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
NFR Wizards Archive: Re: IP transparent proxies (source).

Re: IP transparent proxies (source).

-= ArkanoiD =- (arkmpak.convey.ru)
Sat, 8 Nov 97 15:11:32 +0300

nuqneH,

> Date: Thu, 6 Nov 1997 08:18:42 +0100
> From: "Magossa'nyi A'rpa'd" <magbunuel.tii.matav.hu>
> To: Steve Kann <stevekSteveK.COM>
> CC: linux-netvger.rutgers.edu, firewall-wizardsnfr.net
> Subject: Re: IP transparent proxies (source).

[dd]

> make building new proxies more easy. (And modified versions, as I guess
> every one of us have another view on the http-gw issue. Should it allow only
> standard html? What extensions to allow? What to do with java/activex?)
> It is also an opportunity to handle policies depending on source _and_
> destination. With Gauntlet it is a little tricky to do in a clean way.

I think the latest fwtk http-gw does nearly everything you really need, so
it is a good idea to implement similar features. But - i have to use _two_
http proxies on my firewall: squid for caching purposes and http-gw to enforce
security policy for some machines. And i don't like that much. Maybe it is
better to integrate http-gw features into squid? I'd like this way!

[dd]

> In what extent it is OK to use the same configuration method as TIS?

I don't think configuration file format is copyrighted ;) So more
compatibility is better.

And.. it _should_ compile on xBSD ;)
---
                                       _ _ _ _ _ _ _
   Must be a visit from the dead.. _| o |_ | | _|| | / _||_| |_ |_ |_
   CU in Hell .......... Arkan#iD |_ o _||_| _||_| / _| | o |_||_||_|

This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:09:48 CDT