A firewall is a system for enforcing access control policy between two networks and is one of the most important measures to protect against network attacks. Firewalls traditionally protect the internal network from outside threats. But there has been increasing need for preventing the misuses of the network by the internal users which most previous firewalls overlook. In this paper, we propose a method of adding content filtering functionality to the firewall and describe its implementation. We also show a new attack that combines JAVA Applet and XML to get around the content filtering firewall, hence showing the need for clear usage policy for software and systems.