Joshua Draper wrote: > I just built a working prototype of a drop-in content filter using > dansguardian with squid. It uses two NICs that are bridged together > with an ebtables rule and an iptables rule that route all web > requests through dansguardian/squid. It works really well. > > The nice thing about using the bridge is you can put it anywhere in > the network and it just works with no configuration. You can put it > in front of your home router or behind. There is no NAT, so servers > still work just fine behind it, but I believe the web content you > serve will be filtered as well, but you could add a whitelist entry > to dansguardian I think.
This is a great and a step in the right direction. However I'd still rather have an all-in-one appliance. IE, 5 ethernet ports, built-in wireless for AP. The problem with putting your device behind the WAP is that it won't filter wireless. If you put it in front of the WAP, everything gets filtered (good), but there's not way to configure the filter. IE, there's no way to reach a web application for managing the black, white, and grey lists. For about $250 I can build a nice embedded system with the ports and the wireless, all in a box about the size of the WRT54G. But that's about $150 too expensive. Michael > > Joshua Draper > Department of Civil and Environmental Engineering > Brigham Young University > > > > > > > -------------------- > BYU Unix Users Group > http://uug.byu.edu/ > > The opinions expressed in this message are the responsibility of their > author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG. > ___________________________________________________________________ > List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list > -------------------- BYU Unix Users Group http://uug.byu.edu/ The opinions expressed in this message are the responsibility of their author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG. ___________________________________________________________________ List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
