PDA

View Full Version : [ubuntu] URL filter + LAN passthrough without NAT/firewall



c0d3sl1ng3r
April 27th, 2009, 09:03 AM
OK, I want to look at setting up and configuring a URL filter to log all network HTTP requests (who and when, mainly) and filter based on undesirable content parameters.

So far I am looking at SquidGuard on top of Dansguardian, which looks about as good as it gets.

The tricky part is that this box will go into an already established and predominantly Windows network that sits behind a comprehensive and thoroughly set up firewall. The firewall controls all sorts of things including serving L2TP/IPSEC and SSL VPN, remote Outlook Web Access, SSH etc.

For obvious reasons that last thing I want to do is put a second NAT firewall behind the first.

Ideally I want to put a box in that passes all network traffic through 2 NICs (internally and externally facing respectively) and only listen for and react to URL requests on the network.

Anyone have any clues to resources on establishing something like this ?

My last efforts along this line was some years ago using SUSE Linux 8 or 9 (I forget which) and I know that things have moved on apace.

Most of the resources I can find involve using the Linux box as a fully blown firewall/router whereas I only want traffic passthrough routing and scanning.

windependence
April 27th, 2009, 12:51 PM
Take a look at untangle. Pfsense is good also. Both of these can do routing but don't have to. You can set them up just for filtering or traffic shaping.

-Tim

iponeverything
April 27th, 2009, 12:59 PM
squid/squidGuard work well. If your firewall supports wccp2, it will make it very easy to for you to drop a transparent proxy into the mix without the need for the dual NIC setup.