Levi Bard wrote:
>
>> I have a client whose office includes three computers on a small
>> "Windows Workgroup" network. One is a Linux fileserver running Samba,
>> and the other two are Windows XP Professional workstations. One of
>> these XP machines sits on the client's desk, and the other is on his
>> assistant's desk. He has enquired about a means of preventing access
>> to any websites other than a specific business-related list of sites
>> from his assistant's computer, but he still wants full access from his
>> own machine. The Internet access is provided by cable broadband, and
>> the network is serviced by a small off-the-shelf router/firewall that
>> will allow blocking of predetermined URLs (a site-ban list), but will
>> not allow across-the-board blocking with an exception list.
>>
>> I'm more than willing to learn what I need to for configuring and
>> installing a simple server that will provide the needed functionality,
>> and the client is willing to pay for such a server's installation.
>> Does anyone have any advice for me?
>
>
> I don't know if this is advice, but it sounds like a simple iptables
> ruleset would be perfect for that.
An iptables ruleset with a REDIRECT to a transparent restrictive proxy
would probably be best. Sure, you can filter websites by IP, but it's
far easier to list/restrict the URL patterns in something like squid or
apache.
-- - Ian C. Blenke - Director of Service Delivery <icblenke@nks.net> (This message bound by the following: http://www.nks.net/email_disclaimer.html) ----------------------------------------------------------------------- This list is provided as an unmoderated internet service by Networked Knowledge Systems (NKS). Views and opinions expressed in messages posted are those of the author and do not necessarily reflect the official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 18:30:36 EDT