karlhiramoto edited this page Jun 30, 2011 · 14 revisions

(NFQWF) Netfilter Queue Web Filter

About

What NFQWF is

  • Web (HTTP) content filter.
    • Pluggable filters (hostname, URL string, anti-virus, IP, time ranges)
    • Rule-based; each rule contains zero or more filters.
  • Designed to be faster than traditional proxy servers (squid, tinyproxy, et al.), as fewer bytes are transferred between the kernel and user space
  • Works only on Linux; uses the Linux NF_QUEUE feature
  • Lightweight and scalable; can be run on anything from a tiny embedded processor in a SOHO router up to large machines with many CPU cores

What NFQWF is NOT

  • A caching proxy

Installation

See NFQWF Install page.

Configuration

See NFQWF Configuration page.

Road Map

A lot of testing needs to be done. Bug reports with repeatable test cases are very welcome, as are patches.

More filters would be nice, some filter ideas:

  • Google Safe Browsing. This depends on a C API to Google Safe Browsing, though.
  • squidGuard filters that read the same blacklist files as http://www.squidguard.org/
  • Multiple DNS blacklisting services (OpenDNS, ScrubIT, Google, et al.)