[CentOS] A simplistic parental-control setup

Pete Travis lists at petetravis.com
Thu Jan 5 16:07:06 UTC 2012


It won't help more than /etc/hosts entries, but I've found using OpenDNS
with a free account and a script / client to keep the IP in sync to be very
effective. DNS redirects can be applied categorically or with a per domain
blacklist.  The metrics and charts are interesting too, on a nicely basis
or to check on what's slipping through the filters.

--Pete
On Jan 5, 2012 7:47 AM, "Marko Vojinovic" <vvmarko at gmail.com> wrote:

> On Thursday 05 January 2012 01:39:49 Ljubomir Ljubojevic wrote:
> > On 01/05/2012 12:58 AM, Marko Vojinovic wrote:
> > > I am looking at the simplest (implementation-wise) solution to the
> > > following problem (on CentOS 6.2):
> > >
> > > I have a list of web addresses (like http://www.example.com,
> > > https://1.2.3.4/, etc.) that should be "forbidden" to access from a
> > > particular host. On access attempt, the browser should be redirected to
> > > a local web page (file on the hard disk) with the explanation that
> > > those addresses are forbidden. The possible ways of disallowed access
> > > include:
> > >
> > > * typing www.example.com or http://1.2.3.4/ in the browser
> > > * typing www.example.com/anyfolder/somefile.html in the browser
> > > * clicking on www.example.com when listed as a link on some other web
> > > site (say, Google search results)
> > > * nothing else.
> > >
> > > The last point above assumes that the users will never try any other
> > > method of accessing the site. These user's knowledge about computers in
> > > general is known to be elementary, so I don't need protection against
> > > geniouses who can figure out some obscure way to circumvent the
> > > lockdown (and please don't tell me that this is an irrational
> > > assumption, I know it is...).
> > >
> > > If possible, all this should be on a "per user" basis, but if
> > > implementing it system-wide would be much simpler, I could live with
> > > it. :-)
> > >
> > > The point is that I need a simple, easy-to-implement, easy-to-configure
> > > and easy-to-maintain solution for this particular usecase. What I don't
> > > need is some over-engineered solution that covers my usecase along with
> > > a whole bunch of stuff I will never need, and takes two months to
> > > configure properly. It should also be F/OSS, preferably included in
> > > CentOS repos or elsewhere.
> > >
> > > Or alternatively I could go along with manually setting up a bogus
> > > httpd/dns/iptables configuration which would do all this, but I have a
> > > feeling that it would not be the easiest thing to maintain...
> > >
> > > I'd appreciate any suggestions. :-)
> >
> > There is squidguard in RepoForge repository. It's a plugin for squid.
> > There is also dansguardian.
>
> I'll take a look at both of these, thanks! :-)
>
> > If you use separate firewall box, you can use ClearOS, it has
> > dansguardian set up.
>
> No, the machine is already installed with CentOS. Furthermore, I am
> supposed
> to set up all this remotely (via ssh), since I don't have physical access
> to
> the box itself...
>
> Best, :-)
> Marko
>
>
>
>
>
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>



More information about the CentOS mailing list