[pfSense Support] How to apply rule on pfsense 1.2.3 to block pornography sites
Hi, I'm setting up a firewall for a high school but the school management requested that students should not able to access pornography sites, currently i have enabled any any rule on the WAN and LAN interface of my box. Is there anyone can help me out in on how to apply a rule that will block students from accessing pornography sites. Appreciate any help. Thanks, Joseph.
Re: [pfSense Support] How to apply rule on pfsense 1.2.3 to block pornography sites
Either DNS blacklist package or via opendns.com account. Mehma --- On May 23, 2010, at 5:08 PM, Joseph Rotan wrote: Hi, I'm setting up a firewall for a high school but the school management requested that students should not able to access pornography sites, currently i have enabled any any rule on the WAN and LAN interface of my box. Is there anyone can help me out in on how to apply a rule that will block students from accessing pornography sites. Appreciate any help. Thanks, Joseph. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] How to apply rule on pfsense 1.2.3 to block pornography sites
OpenDNS is probably the quickest solution to your problem however it does have drawbacks and is limited in its application and it costs money for the premium features. A better solution would be to install a filtering proxy (e.g. Dansguardian - www.dansguardian.org) and use firewall rules to force all outgoing web traffic through this. Not only will it provide the blocking you are after but it also has a plethora of other functions (e.g. reporting, NTLM/LDAP domain authentication, virus content scanning etc.). If you have a windows domain the NTLM/LDAP authentication may be of interest to you, it allows you to block different types of content for different users. It is a bit of work to learn if you haven't used it before but well worth the effort and the website and mailing lists are very helpful. We use it in our organisation with much success. Cheers, Daniel From: Joseph Rotan [mailto:joseph.ro...@gmail.com] Sent: Monday, 24 May 2010 9:39 AM To: support@pfsense.com Subject: [pfSense Support] How to apply rule on pfsense 1.2.3 to block pornography sites Hi, I'm setting up a firewall for a high school but the school management requested that students should not able to access pornography sites, currently i have enabled any any rule on the WAN and LAN interface of my box. Is there anyone can help me out in on how to apply a rule that will block students from accessing pornography sites. Appreciate any help. Thanks, Joseph.
Re: [pfSense Support] How to apply rule on pfsense 1.2.3 to block pornography sites
On Sun, May 23, 2010 at 8:08 PM, Joseph Rotan wrote: > Hi, > > I'm setting up a firewall for a high school but the school management > requested that students should not able to access pornography sites, > currently i have enabled any any rule on the WAN and LAN interface of my > box. > > Is there anyone can help me out in on how to apply a rule that will block > students from accessing pornography sites. > That's impossible to do with rules, rules can either allow web access or block it, not allow it dependent on content. You need content filtering of some sort, OpenDNS's free service is what many users use. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] How to apply rule on pfsense 1.2.3 to block pornography sites
Schools in the USA require CIPA level of protection. I know dans guardian does support that and maybe squid guard. Rules would not support that level and OPENDNS does not either (dns can be changed with a host file, CIPA requires content level inspection.) -Original Message- From: Chris Buechler [mailto:cbuech...@gmail.com] Sent: Sunday, May 23, 2010 6:39 PM To: support@pfsense.com Subject: Re: [pfSense Support] How to apply rule on pfsense 1.2.3 to block pornography sites On Sun, May 23, 2010 at 8:08 PM, Joseph Rotan wrote: > Hi, > > I'm setting up a firewall for a high school but the school management > requested that students should not able to access pornography sites, > currently i have enabled any any rule on the WAN and LAN interface of > my box. > > Is there anyone can help me out in on how to apply a rule that will > block students from accessing pornography sites. > That's impossible to do with rules, rules can either allow web access or block it, not allow it dependent on content. You need content filtering of some sort, OpenDNS's free service is what many users use. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] How to apply rule on pfsense 1.2.3 to block pornography sites
CIPA does not, in fact, require content level inspection. This is something that the vendors of CIPA compliant filters use in their marketing, but it simply isn't true. CIPA requires a best-effort attempt to filter children's access to "harmful material" and the ability for teachers to override the block in the case of overblocking. Richard Sperry wrote: Schools in the USA require CIPA level of protection. I know dans guardian does support that and maybe squid guard. Rules would not support that level and OPENDNS does not either (dns can be changed with a host file, CIPA requires content level inspection.) -Original Message- From: Chris Buechler [mailto:cbuech...@gmail.com] Sent: Sunday, May 23, 2010 6:39 PM To: support@pfsense.com Subject: Re: [pfSense Support] How to apply rule on pfsense 1.2.3 to block pornography sites On Sun, May 23, 2010 at 8:08 PM, Joseph Rotan wrote: Hi, I'm setting up a firewall for a high school but the school management requested that students should not able to access pornography sites, currently i have enabled any any rule on the WAN and LAN interface of my box. Is there anyone can help me out in on how to apply a rule that will block students from accessing pornography sites. That's impossible to do with rules, rules can either allow web access or block it, not allow it dependent on content. You need content filtering of some sort, OpenDNS's free service is what many users use. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] How to apply rule on pfsense 1.2.3 to block pornography sites
OpenDNS makes a good option. Using their DNS Servers have worked wonders in many places for us - nothing is 1000% full proof of course sign up for an account and place in your ip range give it a shot - well worth the cost (its free) _ Glenn Kelley | Operations Director | Typo3USA | www.Typo3USA.com Ohio NOC | 317 South North Street | Washington CH OH 43160 Skype Messenger: vinehosting Email: gl...@typo3usa.com Phone: 740-490-8668 Pplease don't print this e-mail unless you really need to. On May 24, 2010, at 8:13 AM, Gary Buckmaster wrote: CIPA does not, in fact, require content level inspection. This is something that the vendors of CIPA compliant filters use in their marketing, but it simply isn't true. CIPA requires a best-effort attempt to filter children's access to "harmful material" and the ability for teachers to override the block in the case of overblocking. Richard Sperry wrote: Schools in the USA require CIPA level of protection. I know dans guardian does support that and maybe squid guard. Rules would not support that level and OPENDNS does not either (dns can be changed with a host file, CIPA requires content level inspection.) -Original Message- From: Chris Buechler [mailto:cbuech...@gmail.com] Sent: Sunday, May 23, 2010 6:39 PM To: support@pfsense.com Subject: Re: [pfSense Support] How to apply rule on pfsense 1.2.3 to block pornography sites On Sun, May 23, 2010 at 8:08 PM, Joseph Rotan wrote: Hi, I'm setting up a firewall for a high school but the school management requested that students should not able to access pornography sites, currently i have enabled any any rule on the WAN and LAN interface of my box. Is there anyone can help me out in on how to apply a rule that will block students from accessing pornography sites. That's impossible to do with rules, rules can either allow web access or block it, not allow it dependent on content. You need content filtering of some sort, OpenDNS's free service is what many users use. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
