[squid-users] Filtering activex/java/javascript

From: Plant, Dean <dean.plant@dont-contact.us>
Date: Wed, 10 Aug 2005 09:58:20 +0100

Can anyone advise the best up to date way of filtering
activex/java/javascript in conjunction with Squid and Dansguardian I am
using squid-2.5.STABLE6 on Centos 4.

I have been trawling the mail archives and the web and have come across
a few possible solutions but would like to ask how other people are
doing this in a production environment and if some of the solutions
below are still valid.

Firstly, in case im making this more difficult than it need's to be, is
it possible to filter out the dangerous content in squid alone. I notice
within the squid.conf there is a rule that deny's javascript, but is it
possible use a similar rule to stop activex.

The squid FAQ

http://www.squid-cache.org/Doc/FAQ/FAQ-4.html#ss4.16 references http-gw
which can filter the required content. Is this a recommend way of
filtering content? The website for fwtk does not seem to be very up to
date.

Squid filter modules

http://sites.inka.de/sites/bigred/devel/squid-filter.html has modules to
filter content. Is anyone using these? I have tried to follow the
instructions to patch/compile but receive the below errors when running
the aclocal command as per the instructions.

acinclude.m4:10: warning: underquoted definition of
AC_CHECK_SIZEOF_SYSTYPE
  run info '(automake)Extending aclocal'
  or see
http://sources.redhat.com/automake/automake.html#Extending-aclocal
acinclude.m4:49: warning: underquoted definition of AC_CHECK_SYSTYPE
configure.in:2420: error: `filters/Makefile' is already registered with
AC_CONFIG_FILES.
autoconf/status.m4:848: AC_CONFIG_FILES is expanded from...
configure.in:2420: the top level
autom4te: /usr/bin/m4 failed with exit status: 1
aclocal: autom4te failed with exit status: 1

Is there any other open source solutions available that I have not seen?

Thanks in advance.

Dean Plant
Received on Wed Aug 10 2005 - 02:58:38 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Sep 01 2005 - 12:00:01 MDT