On 3/30/12 11:32 AM, Nick Kew wrote:
On 30 Mar 2012, at 15:57, Megan Wilhite wrote:
I want to be able to filter Web content. Our business wants to block
various websites, such as facebook.
That doesn't sound like filtering contents. More like blocking selected sites.
Why not do that at the IP level?
To do it in trafficserver you'd just read the extensive docs in the
default remap.config file.
What Nick so succinct said is, if you want to block facebook.com you could
do e.g.
regex_map http://.*facebook.com http://your-own-c-blocking-site.com
(make sure your blocking site accepts requests for any domain, or change ATS
config to not send pristine Host: headers when remapping).
That would drag in e.g. myfacebook.com as well, but you get the idea. If you
want to simply give it an error, map to something that doesn't exist (e.g.
http://www.example.com). But having a page telling your users they have been
blocked is probably a nice thing to do.
Unless you do transparent proxying on your network gear, you can do what
Nick suggests, blackholing the IPs for facebook.com. That's probably more
work, particularly if/when FB add new IPs.
Ciao,
-- Leif
