Possibly unusual proxy/filter

[John McDermott <jjm () jkintl com>]

I manage a system that provides a web service.  We serve port 80 on one
machine (call it "A") and some ports on other machines that are not an
issue.  What I'd like to do is to put an inbound ("reverse") proxy in
front of the web server such that the proxy can allow access only to
specified pages and scripts.  (Sort of a reverse "content filter".)  I
know that through proper Apache configuration I can clearly limit
access, but I'm looking for another layer of "depth" in the protection. 
It'd be nice if I could even validate the arguments to cgi-scripts, but
that may be asking too much.

Right now we have a system running FW-1, but "it doesn't seem to be able
to do what I want" and management is looking for something less
expensive...  A solution that could use Linux would be great as
everything else in our environment is Linux.

I saw the note about zorp, but it looks to be pretty early in its life
cycle.

Any other ideas?

Thanks,
--john


-- 
John McDermott, Writer and Consultant
J-K International, Ltd.
V +1 505/377-6293  F +1 505/377-6313
jjm () jkintl com

_______________________________________________
Firewall-wizards mailing list
Firewall-wizards () nfr net
http://www.nfr.net/mailman/listinfo/firewall-wizards