alex-bsd alex-bsd at
Thu Jul 14 19:11:31 GMT 2005

Sorry previous messages is incorrect (I had in mind downloading files)

Hello Daniel, 
Most likely, we not absolutely understand each other. 
I would be very glad if there was an opportunity to add in PF feature which possesses IPTABLES.
On a gateway for a local network in rules of firewall it is possible to add a following line:
-A FORWARD -s 192.168.x.x -p tcp -m string --string ".mp3" -j DROP  
If the internal client of this network requests a resource with name containing ".mp3" he will not receive the answer (,, etc.).
Accordingly similar is possible to make with words "porno" "avi" and etc.
I do not consider that it is 100 % protection against downloading (from internet) by users mp3 files.
Certainly, there are ways for detour of similar interdictions created both by proxy-servers and by firewall. 
However in most cases this rule will be enough.

I do not see sense in the bet offered by you as there is a talk a little about other! 
Certainly, clever and talented person as you are will find a way to bypass interdiction!!! 

P.S. If for any reasons, it is not possible to do so, "c'est la vie"

Best regards Alex

More information about the freebsd-pf mailing list