Bernie, > I'd like to use Squid for filtering java applets. > > Any idea how to realise it? > > Yes, Squid is a proxy cache, not a police man, but maybe someone knows > an add-on or an http proxy specialized for java applet filtering could > be contacted upwards. One way of achieving this is to use Trusted Information Systems' Firewall Toolkit (FWTK) - it's rather old but does the job !!!
For information on downloading the toolkit, etc. see: http://www.fwtk.org/fwtk/download/downloading.html#1.1 You will need to ensure that you check through the list of patches and definitely install this one (otherwise you WILL encounter the javascript quoting bug): http://www.fwtk.org/fwtk/patches/patches.html#1.1 You will then need to set the http-gw as squid's parent and tell the http-gw what to filter - javascript / java / activeX. You will have to add something similar to the following to the netperm-table file: http-gw: permit-hosts 127.0.0.1 -nojava -noactivex We are successfully using this to block both activeX and java applets. Any sites that we trust go into squid's always_direct allow list. Hope this helps. Neil. -- Neil Hillard [EMAIL PROTECTED] Westland Helicopters Ltd. http://www.whl.co.uk/ Disclaimer: This message does not necessarily reflect the views of Westland Helicopters Ltd.
