On 03/19/2012 01:48 PM, Henrik Nordström wrote:
> mån 2012-03-19 klockan 11:35 -0300 skrev Marcus Kool:
>> An unfiltered CONNECT (default for Squid) allows (SSH) tunnels.
>
> Squid standard configuration only allows port 443, which restricts this
> to those who intentioanlly want to pierce any network usage policy.
>
>> I foresee a change. I foresee an increasing desire to be able to
>> filter everything because of the need to remove the existing holes
>> in security.
>
> There is undoubtly such environments.
>
> The question is if Squid is the right tool for this, or if it's in the
> target for Squid.
This is an important point.
It is the development team who makes the decision which features
will be implemented. Surely there is some common idea about
which direction Squid will go to but it is not clear to me.
I read the roadmap but it is sort of a wishlist and therefore I
started this discussion.
As Alex stated, there is no use in starting work on a pipe
filter for the filter if there is no Squid developer interested
in doing the work on Squid.
I am not in the position to actively support pipe filtering,
so the only thing that I can do is ask for it.
Best regards
Marcus
Received on Mon Mar 19 2012 - 18:52:22 MDT
This archive was generated by hypermail 2.2.0 : Tue Mar 20 2012 - 12:00:07 MDT