I have been researching an open source replacement for websense that can provide an indirect method of filtering, where a cisco router will perform a lookup to a websense type of filter and will itself drop or allow the packet based on a yes or no answer from this websense type filter. The Cisco router does this using the "ip urlfilter server vendor" command.


This doesn't necessarily need to be implemented in the router, but needs to be indirect, meaning web traffic cannot go through a proxy/gateway.

I am trying to determine if a dansguardian solution will do this, so far no luck. I also looked at openDNS where the URL filtering behaves much like this indirect websense method. However, another requirement is that the reporting needs to be able to track abuse back to a user (active directory and dynamic private IP). So this may not be a solution either.

Has anyone tried to tackle this, or know possibly where to look for a wrapped up solution? Or should I break out wireshark and start looking at the router -> websense traffic and roll my own with dansguardian as the filter source?