[ale] selective DNS server for DHCP clients?

Pete Hardie pete.hardie at gmail.com
Wed Feb 27 14:57:45 EST 2013


I'll give it a look

Pete Hardie
--------
Better Living Through Bitmaps


On Wed, Feb 27, 2013 at 2:35 PM, Erik Mathis <erik at mathists.com> wrote:

>  Been there and setup a dasguardian box. Its a really robust content
> filter and lets you do all sorts of cool things.
> You can use it to setup access times, or setup a list of sites they can
> get to by either a username/password (NTLM) or by IP. It wont work for SSL
> in transparent mode. The proxy settings need to be setup on the PC or you
> can use a tau.pac file.
>
> In DHCP put her mac in create and static entry, then make it hand out a
> gateway address of the filter boxes internal IP.
>
> Like your DNS method or URL filtering, DG also uses a weighted keywords.
> You can set a threshold for denying a site.
>
> For instance
> sex:10
> toys:10
> erotic:60
>
> Threshold = 30
>
> So a site that is selling adult toys she wouldn't be able to see, but a
> kids toy store would be fine.
>
> Its a much better approach then trying to figure out what to block/allow
>
> -Erik-
>
>
>
>
>
> On 02/27/2013 02:02 PM, Pete Hardie wrote:
>
>  Hello all,
>
>  After another round of disagreements concerning homework, I've
> determined that my daughter can't resist the lure of time-wasting Internet
> sites.  The wrinkle is that she has a school-issued laptop, so I can't
> install anything on it to block access to the time-sinks.  So here's what I
> think I can do, and I need to know if it's possible:
>
>  I already have a DHCP server on my desktop, providing fixed IPs and a
> different DNS server for my ReplayTV boxen.  I'd like to target her
> laptop's DNS to one running on my desktop, without using that one as my
> desktop's DNS (I can use the router)
>
>  I also need a good tutorial on DNS servers - I have dnsmasq, which seems
> like it might work for my purposes - have the sites I need to block be
> mapped to 127.0.0.1 for her laptop, while letting the rest to resolve
> normally
>
>  So is this feasible?  If not, is there a good alternative?
>
>  TIA,
>
>
>  Pete Hardie
> --------
> Better Living Through Bitmaps
>
>
> _______________________________________________
> Ale mailing listAle at ale.orghttp://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists athttp://mail.ale.org/mailman/listinfo
>
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20130227/dc8d2e4b/attachment-0001.html>


More information about the Ale mailing list