On Fri, Jan 07 2011 at 59:07, Girish Venkatachalam wrote: > I try to use OpenBSD wherever I can and in the firewall I have > installed in a big jewel store > here I have the following problem. > > Many websites these days "Akamize" or do whatever that gives them a > different IP address > everytime you access it. > > And consequently pf which does not know a thing about domains does not help > us. > > I want a solution which can address this. Use a proxy according your application protocol (like squid for http) and do the applicative filtering on it.
> What I currently do is add an entry manually to /etc/hosts and ask > everyone in the network > to us my DNS. > It is crappy and bereft with 100s of problems. > > First thing is that it does not allow us to use "Akamaizer" and load > balancing feature offered by them. > > And it is not a good idea to change on every computer... > > Is there a better idea? Proxification will mostly require modifications on the client's side but it could be simplified with proxy.pac distribution. If you go the socks way, you won't have any choice but to install a proxy client on each computer. Claer
