Does anyone have a link to the UFP protocol specs?
Is protocol documented or is it controlled by licensing arrangements?
(I wouldn't doub't it, CheckPoint I think would charge you for deciding
not to use or uninstalling their products.)
Perhaps a small perl based UFP daemon would make a fun project.
I suppose I could just install the CPFW Websense UFP daemon and
punch in a sniffer. Should be simple.
----- Original Message -----
From: "Carl E. Mankinen" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, October 30, 2000 10:07 AM
Subject: [FW1] Blocking banners with a URI resource object...
>
> I know some people have been looking at trying to use a URI wildcard
> match with a HTTP resource object to try to block AD BANNER sites
> and the like...(I know I have been...)
>
> I have found that the FW-1 resource matching method does not really
> seem to be working very well. I have seen some really strange undesirable
> results like all of a sudden almost every page returns a "FW-1 Error" etc.
>
> So I set about solving the problem a different way and I have a simple
> solution that works pretty well. I just whipped out my ActiveState perl
> toys and made a SIMPLE httpd server daemon that sends a very fast
> and simple response back. Then I created a large HOSTS file on my
> internal proxy server and pointed each of the banner ad sites at my
> quick and dirty httpd. (I have to admit this was not very hard to do
> since the perl mod authors have done all the work...heh)
>
> All fixed. Pages load MUCH MUCH faster, no more wasted Proxy cache,
> no more wasted bandwidth, etc etc...
>
> There is one problem though....and this is going to be a problem with any
> banner blocker product. I have noticed that the banner ad people like
> doubleclick, real.com etc are now not only providing the banner images,
> but they are also providing the image elements that are integral parts of the page.
> So if you block their site, not only does the BANNER go away, but so do
> integral parts of each page. Some sites are amazing to see!
>
> Another problem is if a banner ad is embedded like "/www.msnbc.com/ads/blahblah"
> then you can't simply block msnbc.com or you lose the whole site...
>
> Anyway, I have a LONG HOSTS file if anyone wants it, send me a line.
> I would be interested in sharing with any other hosts entries you have accumulated.
>
> Here is the perl script:
> use HTTP::Daemon;
> use HTTP::Status;
>
> my $httpd = new HTTP::Daemon
> LocalAddr => '127.0.0.1',
> LocalPort => 80;
>
> print "Banner Ad Logger at <URL:", $httpd->url, ">\n";
> while (my $connx = $httpd->accept) {
> while (my $req = $connx->get_request) {
> if ($req->method eq 'GET') {
> print $req->uri;
> print "\n";
> $connx->send_status_line(RC_OK);
> $connx->close; ## fast close
> }
> }
> $connx->close;
> undef($connx);
> }
>
>
>
>
>
>
>
>
>
> ================================================================================
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> ================================================================================
>
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
