on Fri, Jul 09, 2004 at 04:52:30PM -0400, Adam Aube ([EMAIL PROTECTED]) wrote: > Karsten M. Self wrote: > > > Are there any tools which can block outbound web traffic via headers? > > > I've taken steps to minimize users' use of MSIE, but it's still possible > > to acccess it on desktops > > > I pretty clearly can't stop 'em at the desktop. I suspect I can block > > the traffic via the header (user-agent string). Any tools for doing > > this specifically? > > IPTables patch-o-matic has the capability to match on arbitrary strings in > packets, but you're probably better off with something that can decode the > entire HTTP request before matching. > > I don't know of any tool that just blocks certain browsers, but Squid has a > browser acl you could use for this purpose.
Right. There's a recent list post addressing just this.
> Beware, though - if you have Opera users that need to masquerade as MSIE to
> use certain broken sites, they could get blocked as well.
Not a problem here. I know the client side and control it.
I can also rewrite headers on the proxy if it's necessary to spoof, but
it should't be. Even Reuters is now apparently fixing their crap.
http://twiki.iwethey.org/Main/UserAgentString
Peace.
--
Karsten M. Self <[EMAIL PROTECTED]> http://kmself.home.netcom.com/
What Part of "Gestalt" don't you understand?
Reject EU Software Patents! http://swpat.ffii.org/
signature.asc
Description: Digital signature
