Content Filtering setup for 2000 ISP users

Matt Juszczak matt at atopia.net
Mon Mar 7 15:51:31 PST 2005


Hello all,

Setting up a content filtering machine (two nics, ipnat, ipf) with a 
transparent proxy and Dan's guardian.  ipnat and or ipf will RDR all 
outgoing packets on port 80 to the localhost proxy server which is Dan's 
guardian.

Question is, I've got a base distro of freebsd running a custom kernel at 
securelevel=2.  I've got ipfilter compiled into the kernel with default 
set to deny all.

Any other suggestions on this one?  Should I jail the proxy?

Thx,

Matt


More information about the freebsd-questions mailing list