Firewalls - Ease of Use and Maintenance?

Richard Kulawiec rsk at
Wed Nov 9 07:11:45 CST 2011

On Wed, Nov 09, 2011 at 03:32:45PM +0300, Alex Nderitu wrote:
> An important feature lacking for now as far as I know is content/web
> filtering especially for corporates wishing to block
> inappropriate/time wasting content like facebook. 

1. That's not a firewall function.  That's a censorship function.

2. You can of course easily do that via a variety of means, including
BOGUS'ing the domains in DNS, blocking port 80 traffic to their network
allocations, running an HTTP proxy that blocks them, etc.  I presume
that any minimally-competent censor could easily devise a first-order
solution (using the software packages supplied with OpenBSD) in an afternoon.


More information about the NANOG mailing list