Kind OFF Topic. FreeBSD for Blocking URLS? Nanny?
Jorge Biquez
jbiquez at intranet.com.mx
Tue Apr 10 03:28:23 UTC 2012
Hello all.
I am sorry if this is kind OFF Topic. I am looking for help from more
experienced people in these areas. Please let me know if this
question should be moved to FREEBSD-CHAT list.
As I have mentioned before I am helping a school , non profit with
their IT issues. As always there are some "experts" that controls
everything and do not let you change anything because is their
kingdom. Anyway, there we have Internet service from a cable company
and they have some cisco routers to receive the access and from there
some Cisco Switches.
In the classrooms we have very old PCs running XP. In some of my
classes I am using Freebsd and Ubuntu running on a USB. So each
student have one USB and they work that way booting from their 4GB
USB stick. (it is slow but it has worked until now).
One of the managers asked me for help to block some web sites were
some students in the other lab and people that helps there waste
bandwithd seeing videos, movies (youtube, cuevana, serieid, etc) and
spend lot of time on facebook also. Our bandwidth is only 4Mb and you
understand that with a few that are seeing movies and videos the rest
of us can not work at all. Thing is that "other manager" (you know
how those things are sometimes) do not want us to do that since his
"guru" and expert is the one that controls all the Network. So the
best we could get until now is that we can do "all we can" without
touching the Cisco routers and until now not administrative password
for change anything on the PCs (that could change one we prove that
we can have the solution and show it to the board of people that runs
the place).
The Internet provider gives the DNS servers to use and one of the
routers gives the DHCP service.
First thing I thought was to change the DNS servers and use the one
from my small office (running Freebsd 7.3) using Bind there and
simply block there pointing the sites to nothing in the Apache
configuration. It does not work. Once changed the DNS values the PC
does not resolve anything. It was a quick test but that does not
work. Not sure if Internet provider is blocking in some way that we
can not use other DNS server but theirs.
Other solution I was thinking while coming home was to convert one
machine there to a freebsd server and use it as a router (if they let
me) so that way I can control from there and do filtering. Issue is
that maybe they do not let me but connect the server as an extra
machine without replacing the main router so in that case I would
have 2 DHCP servers doing the same service in the same lan and could
be conflicts I guess.
Another solution a friend suggested was to buy one small router (from
my money for sure) and let that small router to receive the internet
(RJ45) and from that with the small 4 port switch included to provide
the internet to the switches to feed the labs , library and
administrative offices. I have never use one of those and I am short
on money so I would like to explore other alternatives before if possible.
Finally another solution would be to install in each PC a kind of
Nanny software but only if free, otherwise is not a solution (I do
not know of any yet but will do searching the following hours).
I know all can be solved if the "guru-expert" guy would let me have
passwords from PC's, router, etc but that won't be an option since
they think we would try to take the control of those services (we do
not want that) so the burocracy could be a problem there. He have
told them that to block is not possible (they have been working that
way for years).
So, in this kind of schema. Do you think FreeBSD (even linux) could
be of help if we do not have access to routers, switches and can not
install new software on the PCs( the ones running XP)?
Any comments you have that could help me to solve this challenge?
Thanks in advance for your time and comments.
Jorge Biquez
More information about the freebsd-questions
mailing list