[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[no subject]







 "http://www.w3.org/TR/html4/loose.dtd">

<li>date: Sat Mar 6 17:06:44 2004</li>
<li>from: Robert.L.Harris at rdlg.net (Robert L. Harris)</li>
<li>in-reply-to: <<a href="msg00159.html">[email protected]</a>></li>
<li>references: <<a href="msg00156.html">20040306201713.ELEO13717.imf16aec.mail.bellsouth.net@mail.bellsouth.net</a>> <<a href="msg00157.html">[email protected]</a>> <<a href="msg00159.html">[email protected]</a>></li>
<li>subject: [ale] Proxy server / blocking router?</li>

My firewall is the dhcp client (my cablemodem doesn't do pppoe) however
yes, the firewall is the pppoe client.  For DNS you put a recursive DNS
server on the firewall then just point the machines inside the network
to the internal IP of the firewall.

I use 192.168.0.0 for my internal/NAT network.  My firewall has an
internal IP of 192.168.0.1, my proxy server is 192.168.0.200, etc.  I
run a bind9 client which listens on 192.168.0.1.

You could also find a recursive nameserver at an ISP or such that isn't
likely to go away and point your internal clients at that.


Thus spake Mike Murphy (mike at tyderia.net):

&gt; [haven't messed with squid for a while]:
&gt; 
&gt; how does that work if your router is doing your PPPoE for you now? Do 
&gt; you just set up the linux box as your PPPoE client then? If so, how 
&gt; would you get good dns server information to the clients on your home 
&gt; network (assuming you aren't running your own dns server somewhere, 
&gt; which I suppose you could)?
&gt; 
&gt; Mike
&gt; 
&gt; 
&gt; Robert L. Harris wrote:
&gt; &gt;
&gt; &gt;I put up a linux firewall between my network and my router.  The
&gt; &gt;firewall blocks ALL outgoing http/https traffic except from my desktop
&gt; &gt;and my squid proxy server.  
&gt; &gt;
&gt; &gt;The proxy box is a P3-450 to give you an idea of what is needed.  The 
&gt; &gt;squid server is also running squidguard with the chastity list.  Squidguard
&gt; &gt;redirects blocked traffic to a local file which tells them I've found
&gt; &gt;them going where I don't want them to and then logs the attempt.
&gt; &gt;
&gt; &gt;Squid and squidguard are VERY easy to set up.  I'd be willing to share
&gt; &gt;my config with you if you wish.
&gt; &gt;
&gt; &gt;
&gt; &gt;Thus spake griffisb at bellsouth.net (griffisb at bellsouth.net):
&gt; &gt;
&gt; &gt;
&gt; &gt;&gt;Hey all, 
&gt; &gt;&gt;
&gt; &gt;&gt;  I was going through my Linksys router logs and noticed access to some 
&gt; &gt;&gt;  sites I'd really rather not be hit. I've spoken to my kids about it - 
&gt; &gt;&gt;  but would like to put in some filtering transparent proxy server or 
&gt; &gt;&gt;  router.
&gt; &gt;&gt;
&gt; &gt;&gt;  Right now my Linksys router can only block on up to 10 keywords - so 
&gt; &gt;&gt;  it's absolutely useless for blocking. My old netgear router could block 
&gt; &gt;&gt;  on up to 99 keywords - still not enough, but a little better.
&gt; &gt;&gt;
&gt; &gt;&gt;  Can anyone recommend a proxy server or router than has good hate / 
&gt; &gt;&gt;  violence blocking? Preferably a free (or open source) list. And 
&gt; &gt;&gt;  something that can be done transparently, so I wouldn't need to modify 
&gt; &gt;&gt;  the PCs to provide blocking. I'd like to yank out my Linksys, and put 
&gt; &gt;&gt;  in something that does DHCP, routing, firewall and transparent proxy 
&gt; &gt;&gt;  server work.
&gt; &gt;&gt;
&gt; &gt;&gt;  Is this something Squid can do? Or would I put Squid in line between my 
&gt; &gt;&gt;  existing router and my LAN, forcing all traffic through the Squid 
&gt; &gt;&gt;  server? Help! 
&gt; &gt;&gt;_______________________________________________
&gt; &gt;&gt;Ale mailing list
&gt; &gt;&gt;Ale at ale.org
&gt; &gt;&gt;<a  rel="nofollow" href="http://www.ale.org/mailman/listinfo/ale";>http://www.ale.org/mailman/listinfo/ale</a>
&gt; &gt;&gt;
&gt; &gt;&gt;** CRM114 Whitelisted by: ale at ale.org **
&gt; &gt;&gt;
&gt; &gt;&gt;** ACCEPT: CRM114 Whitelisted by: ale at ale.org **
&gt; &gt;&gt;
&gt; &gt;
&gt; &gt;
&gt; &gt;:wq!
&gt; &gt;---------------------------------------------------------------------------
&gt; &gt;Robert L. Harris                     | GPG Key ID: E344DA3B
&gt; &gt;                                         @ x-hkp://pgp.mit.edu
&gt; &gt;DISCLAIMER:
&gt; &gt;      These are MY OPINIONS ALONE.  I speak for no-one else.
&gt; &gt;
&gt; &gt;Life is not a destination, it's a journey.
&gt; &gt;  Microsoft produces 15 car pileups on the highway.
&gt; &gt;    Don't stop traffic to stand and gawk at the tragedy.
&gt; &gt;
&gt; &gt;
&gt; &gt;------------------------------------------------------------------------
&gt; &gt;
&gt; &gt;_______________________________________________
&gt; &gt;Ale mailing list
&gt; &gt;Ale at ale.org
&gt; &gt;<a  rel="nofollow" href="http://www.ale.org/mailman/listinfo/ale";>http://www.ale.org/mailman/listinfo/ale</a>
&gt; 
&gt; -- 
&gt; 
&gt; +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
&gt; Mike Murphy
&gt; 781 Inman Mews Drive Atlanta GA 30307
&gt; Landline: 404-653-1070
&gt; Mobile: 404-545-6234
&gt; Email: mike at tyderia.net
&gt; Email Pager: pagemike at tyderia.net
&gt; AIM: mmichael453
&gt; JDAM: 33:45:14.0584N  84:21:43.038W
&gt; +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
&gt; _______________________________________________
&gt; Ale mailing list
&gt; Ale at ale.org
&gt; <a  rel="nofollow" href="http://www.ale.org/mailman/listinfo/ale";>http://www.ale.org/mailman/listinfo/ale</a>
&gt; 
&gt; 
&gt; ** ACCEPT: CRM114 Priority Whitelisted by: CRM114 **
&gt; 

:wq!
---------------------------------------------------------------------------
Robert L. Harris                     | GPG Key ID: E344DA3B
                                         @ x-hkp://pgp.mit.edu
DISCLAIMER:
      These are MY OPINIONS ALONE.  I speak for no-one else.

Life is not a destination, it's a journey.
  Microsoft produces 15 car pileups on the highway.
    Don't stop traffic to stand and gawk at the tragedy.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature



</pre>
<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->
<hr>
<!--X-Follow-Ups-End-->
<!--X-References-->
<ul><li><strong>References</strong>:
<ul>
<li><strong><a name="00156" href="msg00156.html">[ale] Proxy server / blocking router?</a></strong>
<ul><li><em>From:</em> griffisb at bellsouth.net (griffisb at bellsouth.net)</li></ul></li>
<li><strong><a name="00157" href="msg00157.html">[ale] Proxy server / blocking router?</a></strong>
<ul><li><em>From:</em> Robert.L.Harris at rdlg.net (Robert L. Harris)</li></ul></li>
<li><strong><a name="00159" href="msg00159.html">[ale] Proxy server / blocking router?</a></strong>
<ul><li><em>From:</em> mike at tyderia.net (Mike Murphy)</li></ul></li>
</ul></li></ul>
<!--X-References-End-->
<!--X-BotPNI-->
<ul>
<li>Prev by Date:
<strong><a href="msg00163.html">[ale] Hardware probs(was Need Help w/Debian Sarge...)</a></strong>
</li>
<li>Next by Date:
<strong><a href="msg00165.html">[ale] By the way, guys...</a></strong>
</li>
<li>Previous by thread:
<strong><a href="msg00159.html">[ale] Proxy server / blocking router?</a></strong>
</li>
<li>Next by thread:
<strong><a href="msg00167.html">[ale] Request for info on mknod -- or How I ran out of device names</a></strong>
</li>
<li>Index(es):
<ul>
<li><a href="maillist.html#00164"><strong>Date</strong></a></li>
<li><a href="threads.html#00164"><strong>Thread</strong></a></li>
</ul>
</li>
</ul>

<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->
</body>
</html>

Prev by Date: [no subject]
Next by Date: [no subject]
Previous by thread: [no subject]
Next by thread: [no subject]
Index(es):
- Date
- Thread