[CentOS] Web Filter

Fri Dec 5 20:59:48 UTC 2008
William L. Maltby <CentOS4Bill at triad.rr.com>

On Fri, 2008-12-05 at 14:53 -0500, Andrew Hull wrote:
> Joseph L. Casale wrote:
> > I have a location using a CentOS 5 server that's multihomed running Asterisk and iptables for internal web access.
> > 
> > Recently some sales people got busted surfing some explicit content so the owner wants something in there to block this.
> > 
> > I had heard of Dans Guardian and am reading about what's involved here but just wanted an opinion on what's the best solution for this. NTLM silent auth would be an asset, but the lan is simple and the owner doesn't need granular control if it would be complicated.
> > 
> > What are you guys using with good results?/
> > Thanks?
> > jlc
> ><snip sig stuff>

> Opendns, as Lanny suggested, works as they advertise. Its not very 
> granular though.
> 
> I've also been using Untangle (untangle.com) and just love it. Its FLOSS 
> with commercial add-ons; but I think the straight FLOSS capabilities are 
> great without the fee-based extras.
> 
> Its a linux-based router distro. Capable of full NAT routing or as a 
> transparent bridge, you just build up a beige box with 2 NICs and put 
> this baby in between the PCs and the internet.
> 
> Its got a great UI, and is really flexible.
> 
> Depending on what you were hoping for/envisioning it could be a great fit.

I'm not sure if the latest has all the features OP is seeking, but I've
been using IPCop for ages with NP (which means I've not really visited
the site and browsed as I should). It has a decent Web interface for
administration, ability to block ports, custom Iptables rules inclusion
support, squid proxy capability, etc. Has Green/Red/Blue/Orange zone
support. I've run it on my old Pentium 200MHz with 96MB and got
900MB/sec from good sites through my Road Runner turbo link (w/10/100 Mb
nics). With 2xGB nics on an AMD K7 @ 360MHz, 1.2MB/sec.

Easy install, administration and upgrade path. Biggest weakness is that
docs seem to lag severly sometimes.

And it's FREE open source based on LFS (2.4 kernels?). Find it here.

    http://ipcop.org/

> 
> Andy
> <snip sig stuff>

HTH
-- 
Bill