[ale] selective DNS server for DHCP clients?

Erik Mathis erik at mathists.com
Wed Feb 27 14:35:17 EST 2013 

Been there and setup a dasguardian box. Its a really robust content 
filter and lets you do all sorts of cool things.
You can use it to setup access times, or setup a list of sites they can 
get to by either a username/password (NTLM) or by IP. It wont work for 
SSL in transparent mode. The proxy settings need to be setup on the PC 
or you can use a tau.pac file.

In DHCP put her mac in create and static entry, then make it hand out a 
gateway address of the filter boxes internal IP.

Like your DNS method or URL filtering, DG also uses a weighted keywords. 
You can set a threshold for denying a site.

For instance
sex:10
toys:10
erotic:60

Threshold = 30

So a site that is selling adult toys she wouldn't be able to see, but a 
kids toy store would be fine.

Its a much better approach then trying to figure out what to block/allow

-Erik-




On 02/27/2013 02:02 PM, Pete Hardie wrote:
> Hello all,
>
> After another round of disagreements concerning homework, I've 
> determined that my daughter can't resist the lure of time-wasting 
> Internet sites.  The wrinkle is that she has a school-issued laptop, 
> so I can't install anything on it to block access to the time-sinks.  
> So here's what I think I can do, and I need to know if it's possible:
>
> I already have a DHCP server on my desktop, providing fixed IPs and a 
> different DNS server for my ReplayTV boxen.  I'd like to target her 
> laptop's DNS to one running on my desktop, without using that one as 
> my desktop's DNS (I can use the router)
>
> I also need a good tutorial on DNS servers - I have dnsmasq, which 
> seems like it might work for my purposes - have the sites I need to 
> block be mapped to 127.0.0.1 for her laptop, while letting the rest to 
> resolve normally
>
> So is this feasible?  If not, is there a good alternative?
>
> TIA,
>
>
> Pete Hardie
> --------
> Better Living Through Bitmaps
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20130227/07ced909/attachment-0001.html>

More information about the Ale mailing list