My browser says it's plain text...if not, I sincerely apologise for any HTML
being sent.
Web Administration:
A small web server like weblet might work if I can get it to set values as
well as read values. Nothing fancy to start with. Not concerned with
security, just fuction at the moment. Basically, what is the smallest linux
web server I can get that will allow config script values to be read and set
from a browser?
Filtering:
Squid -- too big. Need to look at (you mentioned junkbuster?) other
options, if any, for keyword filtering.
Stateful firewall:
Thanks for the input, need to compile a 2.4 kernel to work with LRP.
Trusted/Forbidden domains:
This is a nice feature I have seen on some commercial firewalls. There are
two lists, one is trusted domains like 'yahoo.com' or forbidden domains like
'sexkittens.com'. There is a flag set that says, allow all traffic except
forbidden domains or allow only traffic to trusted domains. This is very
nice if you have young kids and you allow their internal LAN IP to trusted
domains only such as 'discovery.com' or 'math.com'. The forbidden list is
great if you just want to filter out garbage like ad sites (maybe junkbuster
does this??). This can probably be set under iptables, but I would rather
just maintain a list for each that I can add/remove easily that is read each
time the network is restarted and sets the appropriate rules. I saw a
little script from Charles that was checking a list of known DNS spamming
IP's and denying them and I thought maybe this could be adapted to read a
list of trusted and forbidden domains.
----- Original Message -----
From: "David Douthitt" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, July 09, 2001 10:02 AM
Subject: Re: [Leaf-user] LRP vs. Commercial Firewalls ??
> Lance Peterson wrote:
>
> [By the way, HTML posts are almost universally despised. Not a Good
> Thing.]
>
> > Also, will I be able to do web administration, content filtering or
> > keyword filtering, stateful inspection, as well as setup trusted
> > and/or forbidden domains under LRP?
>
> Let's see:
>
> * Web administration. This requires a web server - I have a disk full
> of web servers for LRP! However, the real fancy ones require CGI
> support, and maybe even things like Java and other who-knows-what bloat
> to get working. I always wondered about this. To be properly secure,
> it would also require SSL - and a certificate. SSL support is also
> fairly size intensive.
>
> * Filtering. Squid can do this already. Again, this requires lots of
> disk space. Junkbuster can do this, too, though with much more
> flexibility.
>
> * Stateful inspection: you mean stateful firewalls, do you? Linux 2.4
> offers this, and shorewall is one of several firewalls that use stateful
> firewalling.
>
> * Trusted/forbidden domains: huh?
>
> _______________________________________________
> Leaf-user mailing list
> [EMAIL PROTECTED]
> http://lists.sourceforge.net/lists/listinfo/leaf-user
>
_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/leaf-user
