Jim, the most common open source http proxies are Squid and Apache's mod_proxy. However, both are caching proxies in the first place and don't include features you are used to from Gauntlet. (You mention Active-X filtering explicitely and neither Squid nor Apache can filter it, AFAIK.) Moreover, Apache's mod_proxy works only with version 1.0 of HTTP protocol (as oposed to version 1.1, now widely used) which can lead to problems. You may give a try to the http proxy included in T-REX. This is Apache mod_proxy with additional security features. Now I cannot remember whether it can filter Active-X but I am pretty sure that it has some filtering capabilities. Just try to check the feature list and then test it. Hope this helps, Josef On Sun, Jun 17, 2001 at 01:15:06PM -0400, Jim Seymour wrote: <snip> > Another one of our sites, using T.REX for a firewall, has no problems. > (Yet one client in the problem building, when re-config'd to use the > HTTP proxy in the other building [across our WAN], had problems. Go > figure.) > > So what I'd like to do is try replacing http-gw on our Gauntlet > firewall with another HTTP proxy. Does anybody know of any Open Source > HTTP proxies that could be trusted in such a role? I've looked around, > but haven't been able to identify a candidate. I'd try replacing > http-gw with the generic plug-proxy, but I don't want to lose the > Active-X and other filtering that http-gw gives us. _______________________________________________ firewall-wizards mailing list firewall-wizardsat_private http://www.nfr.com/mailman/listinfo/firewall-wizards
This archive was generated by hypermail 2b30 : Tue Jun 19 2001 - 19:04:30 PDT