On 24/03/2012 2:22 a.m., Michał Wiącek wrote:
If I am understanding you right, what you actually want is a whitelist or blacklist of destinations in the firewall. This would work better than what Squid can offer with HTTPS.Yes , whitelist would be best for meIn both cases you have the same problems of figuring out and listing what destination IP/host are to be blocked or allowed. The firewall can do it far faster and simpler though.I know that firewall can do it - but have hundreds of domains name which need to be resove by dns it overkill my Cisco firewall, for now i have rules by ipv4 and it is higly loaded, but ip for domains changes sometimes and giving many troubles ... I want move that to squid proxy (it would be for me easiest and costless change cause have a lot not used servers) I could try do it with iptables scripts , but want do it by squid
Squid has the same problem. When comparing IP to domain, the domain must be resolved during the testing. Every time.
[Linux Audio Users] [Photo] [Yosemite News] [Samba] [Video Projectors] [Video Devices] [Big List of Linux Books] [LCD TVs] [Webcams] [Linux USB]