http antivirus scan

Hi all!

First of all, love the new EFW it is a rock solid fw with lots of good 
features.

Now my question:

Is it possible to enable http virusscanning without having the http 
proxy enabled?
I might be mistaken but I think I got that working in  the previous 
release. The service lists (havp) as stopped when I have disabled the 
proxy, and yes I did check the "antivirus enabled" box.

-X-

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV

Re: Hosting sites on the GREEN interface

The responses so far do not seem to answer this part
of Jean Rousseau Franco's Question:

 > I would like to host two sites (two different
 > registered domains) on two machine on the Green
 > interface. These machines right now host also the
 > Databases that are used locally by an application
 > and can also be queried from the site, hence my
 > need for having them on the Green.
 > Before I had a different solution, and I used
 > a Proxy-Pass that would forward the requests to
 > a local machine based on the name of the domain. Is
 > this possible?

In other words, is there any way to forward incoming
requests on a given port to two different GREEN hosts
based on the hostname part of the URL?

As one who has just studied the EFW Manual with a view
to replacing my Smoothwall and IPcop installations with
EFW, I suspect that this would require either a http proxy
configuration which proxies incoming http/https requests
(so far not part of EFW, but perhaps a valuable addition),
or else separate IP addresses for the two hostnames
which can be set up as Aliases on RED and can then be
separately port-forwarded to the two GREEN hosts.

--

-- 
Wolf N. Paul
wnp- <at> -doulos.at

Questions on HTTP content filter

1. May I ask, to save myself looking through the source, which software the
http content filtering is based on?

2. How difficult is it to configure things so that

   a. Some clients may bypass the proxy altogether

   b. Some clients need to use the proxy, but may bypass content filtering,
and

   c. All other clients will use the filtered proxy

   And, of course, how would I go about that.

I had modified Smoothwall 0.99 to work this way, but already looking at
IPcop config files it would not work the same way, and I have not yet even
looked at EFW. 

Thanks in advance for any suggestions.

Regards,

Wolf Paul

--

-- 
View this message in context: http://www.nabble.com/Questions-on-HTTP-content-filter-tf1962671.html#a5385203
Sent from the efw-user forum at Nabble.com.

-------------------------------------------------------------------------

Multiple RED Interface

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV

_______________________________________________
Efw-user mailing list
Efw-user@...
https://lists.sourceforge.net/lists/listinfo/efw-user

Re: http antivirus scan

This is done be design. SQUID is a more robust proxy with ACL's. I can see
using HAVP on its own in a small home network, but for a more robust
handling of HTTP traffic it is recommended to use HAVP in conjunction with
SQUID, and let HAVP just handle the scanning.

Best regards,

Dayne 
--

-- 
View this message in context: http://www.nabble.com/http-antivirus-scan-tf1960630.html#a5393839
Sent from the efw-user forum at Nabble.com.

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV

Re: Questions on HTTP content filter

1. Yes you may, it is a free world.
2. Not that difficult
  a. Yes the can by adding these clients IP's to Proxy > HTTP > Network
Based Access Control > Unrestricted IP addresses. Bear in mind that these
computers will bypass the entire proxy including Antivirus scanning.
  b and c. At the present moment this is not possible. Possibly in future
versions this could be made possible, but the current design of the HTTP
Antivirus+Content Filter+SQUID does not provide a way to limit some users
and allow others to bypass the content filter.

Best regards,

Dayne
--

-- 
View this message in context: http://www.nabble.com/Questions-on-HTTP-content-filter-tf1962671.html#a5394250
Sent from the efw-user forum at Nabble.com.

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV

Re: Hosting sites on the GREEN interface

Port forwarding is just that, forwarding requests to an internal host given a
certain port. The firewall does not inspect the URL that the client is
searching for, this is a DNS or HTTP application issue. I don't believe it
should be the firewall's job to do such a thing, it should rather be done at
the server.

Best regards,

Dayne
--

-- 
View this message in context: http://www.nabble.com/Hosting-sites-on-the-GREEN-interface-tf1949611.html#a5394334
Sent from the efw-user forum at Nabble.com.

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV

Re: Questions on HTTP content filter

dayne_lucas wrote:
> 
> 1. Yes you may, it is a free world.
> 

Thank you. Does anyone have an answer to the question: What software is the
content-filtering based on?

dayne_lucas wrote:
> 
> 2. Not that difficult
>   a. Yes they can by adding these clients IP's to Proxy > HTTP > Network
> Based Access Control > Unrestricted IP addresses. Bear in mind that these
> computers will bypass the entire proxy including Antivirus scanning.
> 

O.K., Great. But we have antivirus software on all clients, anyway.

dayne_lucas wrote:
> 
>   b and c. At the present moment this is not possible. Possibly in future
> versions this could be made possible, but the current design of the HTTP
> Antivirus+Content Filter+SQUID does not provide a way to limit some users
> and allow others to bypass the content filter.
> 

Ah well, we'll live without it, then, for now.

Thanks, again, Dayne, for the clear answers.

Regards,

Wolf
--

-- 
View this message in context: http://www.nabble.com/Questions-on-HTTP-content-filter-tf1962671.html#a5394660
Sent from the efw-user forum at Nabble.com.

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV

Re: Questions on HTTP content filter

wnpaul said the following on 7/19/2006 7:41 AM:

 > Thank you. Does anyone have an answer to the question: What software 
is the
 > content-filtering based on?

Content filtering, IIRC, is done by Dan's Guardian 
<http://dansguardian.org/>.

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV

Re: Multiple RED Interface

1) First you will need to access the console via ssh. 

2)Then cp /var/efw/uplinks/main /var/efw/uplinks/link2 

3)Modify the /var/efw/uplinks/link2/settings file in vi to reflect the other
ISP connection. Make sure to change the RTABLE=200 to RTABLE=201.  

"This value is used as name of the link specific routing table, as priority
within routing rule table (ip rule) and as mark in the iptables mangle table
(iptables -t mangle -vnL)" - Peter Endian 

Some people have reported issues with portforwarding.  

"if you use portforwarding, keep in mind that if you have multiple uplinks
you have different uplink ip addresses" - Peter Endian 

Best regards, 

Dayne 
--

-- 
View this message in context: http://www.nabble.com/Multiple-RED-Interface-tf1964237.html#a5394719
Sent from the efw-user forum at Nabble.com.

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys -- and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV