> > On 05/01/10 16:11, Luke Jaeger wrote: > > > Has anyone had any success blocking Tor thru pfsense/squidguard? > Some > > of > > > our savvier students are starting to use it to get around the > content > > > filters ... > > > > that's a classic case of having a "permit any + deny specific" > policy. > > You'll have to turn it round, make it "deny all + permit specific", > set > > up an http proxy with same policy and (don't allow CONNECT except > under > > fine control) and don't allow anything else out of your network > except > > that explicitly wanted. > > > > You are wrong, "deny all + permit specific" is not enough for blocking > > TOR. >
Depends how specific you are - if it looks like web access then it's going to be hard to be specific enough without being too specific --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
