Firewall Wizards mailing list archives
Re: Enforcing content filtering with PIX515E
From: "Christopher J. Wargaski" <wargo1 () gmail com>
Date: Tue, 22 Jan 2008 22:28:12 -0600
Hey Ian-- The source TCP port will be (nearly) random, but your workstations will be configured to proxy to Surf Control at TCP port 8081. You first want to permit that traffic, then explicitly deny HTTP access elsewhere. Finally, allow the rest of your stuff. access-list acl_in permit tcp any host <surfcontrol's IP> eq 8081 access-list acl_in deny tcp any any eq 80 access-list acl_in permit icmp any any access-list acl_in permit ip any any _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Enforcing content filtering with PIX515E Ian Rarity (Jan 22)
- Re: Enforcing content filtering with PIX515E Josh (Jan 22)
- Re: Enforcing content filtering with PIX515E Victor Williams (Jan 22)
- Re: Enforcing content filtering with PIX515E Miedaner (Jan 23)
- Re: Enforcing content filtering with PIX515E Christopher J. Wargaski (Jan 22)
- Re: Enforcing content filtering with PIX515E Ian Rarity (Jan 28)
- Re: Enforcing content filtering with PIX515E Paul D. Robertson (Jan 22)