DaZZa wrote:
Folks.
As part of my "get Linux into the company by the backdoor" sneakiness, I'm looking for some web blocking software.
We have a pile of steaming dog faeces called "Surf Control" which runs on WindoZe, but it's not even close to acceptable for us, so I'm sniffing at alternatives.
What I want is a product which sits on the network in promiscuous mode, sniffs out HTTP requests, and then kills the connection based on rules which include content type, time, username etc etc.
Anyone know of a product for Linux which will do this? It needs an active database {Surf Control's one redeeming feature is that they maintain a large database of websites, and continually update it} and catagorise them into stuff like "adult/sexually related", "computing and the internet" and other classes.
I know I'm asking a lot - Surf Control is a nice piece of software, except for the fact that it doesn;t bloody work properly! I want the features, I'd just like to do something similar on an open source platform.
DaZZa
You could use Squid (http://www1.au.squid-cache.org/) but it's a regular web proxy not a "search and destroy" agent. Still, if you block ports 80/443 outgoing at the perimeter unless they originate from the proxy you have an effective means of FORCING everyone to use the proxy. This is what we do and it works well.
Also, we use Squid's "delay pools" which throttle certain types of content over a certain size etc. For example, if a user wants a Shockwave Flash file that's 2MB, they get the first 100KB at full speed, then it trickles through at 15kbps (<1/2 dial-up speed - heheh). Discourages users from saturating our 4Mbps connection downloading game demos and porn.
Another bonus is it authenticates back to our Win2K Active Directory so we can link users<->url. So when they do something that contravenes our acceptable use policy, we have the records to make their lives hell (or just extort $$$ from them).
I know it's not what you asked for specifically, but it's a VERY powerful piece of software.
Cheers,
James -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
