>> yes. However, you would need filter that would detect the used protocol.
>> I'm afraid it's currently impossible to push such filter to squid w/o
>> patching and recompiling it.
>>
>> Also, I'm not 100% sure that it's easy to detect ssl negotiation and
>> refuse
>> connection if it's not used (note that TLS negotiation is in some cases
>> requested after initisl handshake)
>>
>> Last, when SSL is used, you even can't tell what protocol is inside of it.
>
> thanks, then I will look to lock at least some dynamic IP addresses in order to
> prevent abuse by my users. ;-)
Check out http://l7-filter.sf.net/ , it's got a "anything with SSL" regexp.
Jan Engelhardt
--Received on Mon May 30 2005 - 04:41:26 MDT
This archive was generated by hypermail pre-2.1.9 : Wed Jun 01 2005 - 12:00:04 MDT