Squid can natively via built in ACL.
acl mydstdomain dstdomain .abc123.net
acl mydstdomain dstdomain .def456.com
http_access deny mydstdomain
you can also add regex
# acl aclname url_regex [-i] ^http:// ... # regex matching on whole
URL
# acl aclname urlpath_regex [-i] \.gif$ ..
You may want to look at a web based proxy solution that can block inline
(such as squid proxy in transparency mode).. That wont help you much though
with SSL because that would be considered man-in-the-middle and you
would not be able to see http header info of the SSL traffic.
Danny
From:
users@lists.sourceforge.net
Subject: Re: [Shorewall-users] Logging question
On 7/10/2014 8:21 AM, Mallory, Danny wrote:
> Hello
> I just upgraded from Debian 6(squeeze) to Debian 7(Wheezy) and my
logging does not seem to be working anymore. "shorewall show log" looks
normal pointing to /v
Hello
I just upgraded from Debian 6(squeeze) to Debian 7(Wheezy) and my logging does
not seem to be working anymore. "shorewall show log" looks normal pointing to
/var/log/messages but I get no logging of drops or rejects anymore. It appears
to be doing kernel level logging as the messages are
