[H-GEN] Restricting web site access
Peter Arnold
arnoldpj at optushome.com.au
Mon Mar 28 05:07:53 EST 2005
David Duffy wrote:
> [ Humbug *General* list - semi-serious discussions about Humbug and ]
> [ Unix-related topics. Posts from non-subscribed addresses will vanish. ]
>
> Hi everyone,
> What is the best way to restrict web site access on a "per user"
> basis with Windows XP machines going through a Debian proxy?
What do you mean by "Debian Proxy"? Is it NATing or doues it have a
caching proxy like squid?
>
> The browsers used are both IE and Firefox. IE can have settings
> to approve or block certain sites but Firefox doesn't seem to.
>
> Googling gives the impression that the Debian box is suitable for
> this for of use but I'm not sure of how to start off. Blocking based
> on the domain name may be usable but can this be done per user?
Squid has quit good user/site ACLs that you could apply but that could
be a lot of work unless you want to just allow/deny access for a few
people to a few sites.
>
> Another thing I'm considering is content based internet filtering.
> Does anyone have any pointers on this? Something that's proxy
> based would be good so that it can't be disabled by Win users.
> David...
In another post you mentioned you can't pass on usernames... AFAIK you
can make this work. Development on SquidGuard has now stopped so you
might want to look at alternatives. Also the black list leaves a bit to
be desired and is rather eratic.
The only viable alternative that I know of is www.dansguardian.org. It's
not totally free but is open source and you can get the blacklists
free... once....
HTH
--
Peter Arnold
+-----------------------------------+-----------------+
| mailto:arnoldpj at optushome.com.au | To err is human |
| Brisbane, Qld, Australia | To moo bovine. |
+-----------------------------------+-----------------+
More information about the General
mailing list