On Wed, Dec 3, 2008 at 10:12 AM, Gary Buckmaster <[EMAIL PROTECTED]> wrote: > It can be done, although not if the proxy machine is inside your LAN. It > would need to live on a separate network segment (ie: DMZ). In this case, > yes, its possible to redirect outbound traffic for TCP 80 to the proxy > machine, do your content filtering and pass it on. You cannot transparently > proxy SSL traffic in this manner however due to the fact that the streams > are encrypted.
Well, there are ways to do it, all of them evil :) Consider it a trusted MITM attack. Wheeee...outside of commercial proxies however, I know of no open source way to automate this (without lots of work on the administrator end to set it up). --Bill --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Commercial support available - https://portal.pfsense.org