[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: status of fwtk?


On Fri, 30 Oct 1998, Michael Meskes wrote:
>On Thu, Oct 29, 1998 at 08:34:46PM +0100, Jordan Hrycaj wrote:
>> On Thu, 29 Oct 1998, Thomas Lakofski wrote:
>> yet. On my web page you find a locallly packed version of the fwtk 3.1.
>You mean 1.3 right?
>> Let me know if somebody is interested in that I put some more work on that, 
>> or that I pack this for debian.
>Yes, it's interesting. There's a patch for fwtk 2.0 out there that allows
>filtering of java, javascript and acxtive X applets. Is there a way to apply
>that patch to the old version? I think for a firewall it is rather important
>to be able to filter these applets out.
[snip ...]

OK, I will have a look at it the next days. Do you know already what the
copyright policy is? What would it mean just applying a part of the fwtk 

Without looking at the javascript filter I assume it should be no problem
to set up a filter that checks applets, assuming the patch or its
implementation ideas are legally usable.

As I see, it would even be more interesting thinking of patch a in combination
with squid. The problem with the TIS application gateway is, that it forks a
process for each connection which is not feasible for a larger site. So
implementing an application gateway filter would be - an easier task, though -
just the first step towards a more realistic solution.

For more than a year I worked (and patched) with the 1.1 series of squid 
on a larger scale and just switched to the 2.0 version. I feel that this 
would be the appropriate task to implement such a filter, here. There was
some discussion going on in the squid mailing list about these things.
Maybe I just ask these folks.


Version: 2.6.3ia
Charset: noconv


Reply to: