[ale] selective DNS server for DHCP clients?

Pete Hardie pete.hardie at gmail.com
Fri Mar 8 09:27:32 EST 2013


I was not savvy to that fact.  I may revisit this, but for now, this will
do - I just need to be able to block the big timewaster sites, not content
so much.

Pete Hardie
--------
Better Living Through Bitmaps


On Fri, Mar 8, 2013 at 9:17 AM, Boris Borisov <bugyatl at gmail.com> wrote:

> You actually do this proxy-squid setup on your firewall PC/router so
> port 80 traffic get redirected trough squid. So no changes on the PCs
> required. Personally have used squid for cache webpages/images and
> limiting downloads size to 1 MB. This was back in modem/ISDN times :)
> Have read squid could do much more.
>
> On 3/8/13, Pete Hardie <pete.hardie at gmail.com> wrote:
> > I needed something that would not require anything configured differently
> > on the laptop, since it has to work with the school wifi, and I've found
> it
> > finicky with those things.  Also, if there are other issues, their SOP
> is a
> > wipe and reinstall, which would erase the proxying.
> >
> >
> >
> > Pete Hardie
> > --------
> > Better Living Through Bitmaps
> >
> >
> > On Fri, Mar 8, 2013 at 7:50 AM, Boris Borisov <bugyatl at gmail.com> wrote:
> >
> >> www.cyberciti.biz/tips/linux-setup-transparent-proxy-squid-howto.html
> >>
> >> On 3/6/13, Pete Hardie <pete.hardie at gmail.com> wrote:
> >> > A followup, for those interested in the results
> >> >
> >> > I think that I have found a working configuration.  I currently have
> >> dhcpd
> >> > running, supplying a few fixed IPs for my DVRs, and pointing them at
> my
> >> > WIRNS server for replacement guide data, and I was able to set up
> >> > another
> >> > MAC-specific stanza to point
> >> > my Nook to use my desktop as its DNS, which is handled by dnsmasq.  I
> >> > set
> >> > up dnsmasq to map reddit.com to 127.0.0.1 and it appears to do what I
> >> want
> >> > - fail to load that site.
> >> >
> >> > I could use dnsmasq to supply the DHCP, and may switch to that once I
> >> feel
> >> > that everything else is working totally to my satisfaction
> >> >
> >> > Thanks again to all for the suggestions and war stories about blocking
> >> your
> >> > kids' access!
> >> >
> >> >
> >> > Pete Hardie
> >> > --------
> >> > Better Living Through Bitmaps
> >> >
> >> >
> >> > On Thu, Feb 28, 2013 at 3:24 PM, Ron Frazier (ALE) <
> >> > atllinuxenthinfo at techstarship.com> wrote:
> >> >
> >> >>
> >> >>
> >> >> Mike Harrison <cluon at geeklabs.com> wrote:
> >> >>
> >> >> >On Wed, 27 Feb 2013, Pete Hardie wrote:
> >> >> >> Thanks - I'll take a closer look and see if I can wrap my head
> >> >> >> around
> >> >> >it.
> >> >> >> and to the list - I think that dnsmasq will do what I want, since
> >> >> >> it
> >> >> >allows specification of a DNS server for the DHCP clients, and can
> be
> >> >> >configured to not
> >> >> >> be the DNS server for the host, leaving it to use the router and
> >> >> >> ISP
> >> >> >servers.
> >> >> >
> >> >> >A friend of mine with various ages of children has chosen to
> >> >> >incrementally
> >> >> >make internet access harder and harder. The two eldest children have
> >> >> >developed some serious network hacking skills as a result. His
> >> >> > devious
> >> >> >goal was less about restricting access to online materials and
> >> >> >activities
> >> >> >and more about learning how things worked.
> >> >> >
> >> >> >His most recent step was physically unplugging at around 9-10pm
> >> >> >(time for bed),,.  and his 14 year old boy discovered "pringles can"
> >> >> >antenna technologies as a result.
> >> >> >
> >> >> >The bad news, and why I know.. is he got enough signal to leach from
> >> >> > my
> >> >> >
> >> >> >house.. where he got sniffed and monitored. I'm not exactly next
> >> >> > door,
> >> >> >but
> >> >> >I am line of sight..
> >> >> >
> >> >>
> >> >> No one leaches my wifi since it's encrypted.  They could sniff it,
> but
> >> >> they'd get gibberish.
> >> >>
> >> >> Sincerely,
> >> >>
> >> >> Ron
> >> >>
> >> >>
> >> >> --
> >> >>
> >> >> Sent from my Android Acer A500 tablet with bluetooth keyboard and K-9
> >> >> Mail.
> >> >> Please excuse my potential brevity if I'm typing on the touch screen.
> >> >>
> >> >> (PS - If you email me and don't get a quick response, you might want
> >> >> to
> >> >> call on the phone.  I get about 300 emails per day from alternate
> >> >> energy
> >> >> mailing lists and such.  I don't always see new email messages very
> >> >> quickly.)
> >> >>
> >> >> Ron Frazier
> >> >> 770-205-9422 (O)   Leave a message.
> >> >> linuxdude AT techstarship.com
> >> >>
> >> >>
> >> >> _______________________________________________
> >> >> Ale mailing list
> >> >> Ale at ale.org
> >> >> http://mail.ale.org/mailman/listinfo/ale
> >> >> See JOBS, ANNOUNCE and SCHOOLS lists at
> >> >> http://mail.ale.org/mailman/listinfo
> >> >>
> >> >
> >> _______________________________________________
> >> Ale mailing list
> >> Ale at ale.org
> >> http://mail.ale.org/mailman/listinfo/ale
> >> See JOBS, ANNOUNCE and SCHOOLS lists at
> >> http://mail.ale.org/mailman/listinfo
> >>
> >
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20130308/bd91972c/attachment-0001.html>


More information about the Ale mailing list