[146318] in North American Network Operators' Group
Re: Firewalls - Ease of Use and Maintenance?
daemon@ATHENA.MIT.EDU (Richard Kulawiec)
Wed Nov 9 08:13:05 2011
Date: Wed, 9 Nov 2011 08:11:45 -0500
From: Richard Kulawiec <rsk@gsp.org>
To: nanog@nanog.org
In-Reply-To: <4EBA72ED.2010909@gmail.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Wed, Nov 09, 2011 at 03:32:45PM +0300, Alex Nderitu wrote:
> An important feature lacking for now as far as I know is content/web
> filtering especially for corporates wishing to block
> inappropriate/time wasting content like facebook.
1. That's not a firewall function. That's a censorship function.
2. You can of course easily do that via a variety of means, including
BOGUS'ing the domains in DNS, blocking port 80 traffic to their network
allocations, running an HTTP proxy that blocks them, etc. I presume
that any minimally-competent censor could easily devise a first-order
solution (using the software packages supplied with OpenBSD) in an afternoon.
---rsk
