Subject: | |
From: | |
Reply To: | |
Date: | Wed, 1 Oct 2008 09:09:00 +0800 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Art Wildman wrote:
> vivek chal wrote:
>> hello all
>>
>> i have made a server which is acting as a dhcp,dns and internet
>> gateway in scientific linux 4.5. Now i want my clients won't access
>> some websites such as orkut,facebook etc . Also i don't want to use
>> proxy. Please help me .
>>
Use of iptables to control access to websites isn't feasible, because
it's possible to have many websites at a single IP address, and to have
one website at many IP addresses.
I don't know a solution that does not use a proxy and a content filter.
>
> The best practice is to setup filtering with a transparent proxy or
> bridging firewall, there are other filtering mechanisms which require
> updating the filters often or manually. There are also custom LiveCDs,
> Wifi Hotspot Apps & Firewall Distro's that have all this built into a
> simple appliance distro which may be better suited for your application.
>
> Setup a transparent proxy with Squid in three easy steps - 200712 NixCraft
> http://www.cyberciti.biz/tips/linux-setup-transparent-proxy-squid-howto.html
>
>
> How To Block WebPages Based On Keywords Or Phrases With SafeSquid Proxy
> Server
> http://www.howtoforge.com/blocking-webpages-based-on-keywords-or-phrases-with-safesquid-proxy
>
> http://www.howtoforge.com/how-to-enforce-google-safesearch-with-safesquid-proxy-server
>
> http://www.howtoforge.com/how-to-block-porn-pictures-and-images-with-safesquid-proxy-server
>
>
> How To Set Up Shorewall (Shoreline) 4.0 Firewall On CentOS 5.1
> http://www.howtoforge.com/how-to-set-up-shorewall-firewall-on-centos-5.1
>
> A parent's guide to Linux Web filtering - 200407 Linux.com
> http://www.linux.com/articles/113733
>
> DansGuardian
> http://dansguardian.org/
I tried dansguardian some years ago, and found I fairly useless: it
prevented me from accessing (for example) security documents. It had a
(long) list of "bad" words, and blocked documents that had too many of them.
I found short documents tended to have relatively few of them and could
discuss almost anything, whereas log documents, on account of their
length, tended to have a lot of them and so be blocked.
Of course, ymmv and your experience might be better.
I use squidguard (find it with google): that filters based on URLs, and
there are free lists.
A problem I have with it is that I don't know how to stop people
searching for combinations of apparently-innocent words like "office,"
"school," "filter," blocker.
I have found it necessary to block search engines, including google, and
have a home-build front-end to google.
--
Cheers
John
-- spambait
[log in to unmask] [log in to unmask]
-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375
You cannot reply off-list:-)
|
|
|