Block WWW.ORKUT.COM
Patrick Proniewski
patpro at patpro.net
Fri Aug 3 08:06:19 UTC 2007
Hi,
On 03 août 2007, at 09:36, Ali Faiez Taha wrote:
> What I need to do to block the access to www.orkut.com, via
> webproxy, anonymizer sites and direct access ?
> I am using FreeBSD with PF, without Proxy server, 2 NICs (one for
> Iternet and one for Intranet).
> Actually I use a table with a lot of IP address blocked.
This is just impossible, unless may be you have as much money and
power as the chinese government.
What you want to do is layer 7 firewalling: ie. looking into the HTTP
transmitted, determine if it comes from orkut (directly or via a
proxy), and block accordingly. You might want to known: even this
won't work if the client uses HTTPS to connect to the proxy/
anonymizer (in that case, HTTP transfer is encrypted, and you can't
eavesdrop the http content.)
patpro
More information about the freebsd-pf
mailing list