Re: [fw-wiz] Enforcing content filtering with PIX515E

---

• From: "Christopher J. Wargaski" <wargo1@xxxxxxxxx>
• Date: Tue, 22 Jan 2008 22:28:12 -0600

---

Hey Ian--

The source TCP port will be (nearly) random, but your workstations
will be configured to proxy to Surf Control at TCP port 8081. You
first want to permit that traffic, then explicitly deny HTTP access
elsewhere. Finally, allow the rest of your stuff.

access-list acl_in permit tcp any host <surfcontrol's IP> eq 8081
access-list acl_in deny tcp any any eq 80
access-list acl_in permit icmp any any
access-list acl_in permit ip any any
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

---

• Follow-Ups:
  • Re: [fw-wiz] Enforcing content filtering with PIX515E
    • From: Ian Rarity

• References:
  • [fw-wiz] Enforcing content filtering with PIX515E
    • From: Ian Rarity

• Prev by Date: Re: [fw-wiz] Enforcing content filtering with PIX515E
• Next by Date: Re: [fw-wiz] Enforcing content filtering with PIX515E
• Previous by thread: Re: [fw-wiz] Enforcing content filtering with PIX515E
• Next by thread: Re: [fw-wiz] Enforcing content filtering with PIX515E
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > Firewall-Wizards  > 2008-01