Re: Using Debian / iptables to block outbound MSIE via headers?

To: debian-user@lists.debian.org
Subject: Re: Using Debian / iptables to block outbound MSIE via headers?
From: Adam Aube <aaube01@baker.edu>
Date: Fri, 09 Jul 2004 16:52:30 -0400
Message-id: <[🔎] ccn0ea$ai8$1@sea.gmane.org>
References: <[🔎] 20040709201622.GK1971@ix.netcom.com>

Karsten M. Self wrote:

> Are there any tools which can block outbound web traffic via headers?

> I've taken steps to minimize users' use of MSIE, but it's still possible
> to acccess it on desktops

> I pretty clearly can't stop 'em at the desktop.  I suspect I can block
> the traffic via the header (user-agent string).  Any tools for doing
> this specifically?

IPTables patch-o-matic has the capability to match on arbitrary strings in
packets, but you're probably better off with something that can decode the
entire HTTP request before matching.

I don't know of any tool that just blocks certain browsers, but Squid has a
browser acl you could use for this purpose.

Beware, though - if you have Opera users that need to masquerade as MSIE to
use certain broken sites, they could get blocked as well.

Adam

Reply to:

Follow-Ups:
- Re: Using Debian / iptables to block outbound MSIE via headers?
  - From: "Karsten M. Self" <kmself@ix.netcom.com>

References:
- Using Debian / iptables to block outbound MSIE via headers?
  - From: "Karsten M. Self" <kmself@ix.netcom.com>

Prev by Date: Re: 2.6.7 boot problem
Next by Date: About emacs
Previous by thread: Using Debian / iptables to block outbound MSIE via headers?
Next by thread: Re: Using Debian / iptables to block outbound MSIE via headers?
Index(es):
- Date
- Thread