If you have a Linux machine available, you can use squid to setup a whitelist. This is a very effective and easily setup.
Modify squid's /etc/squid.conf as follows:
acl white dstdomain "/etc/squid/whitelist"
http_access deny !white
Create the /etc/squid/whitelist file and add domain names like .pcastl.org one per line.
Setup your router to only allow your Linux box access to the Internet. This is normally done my adding a allow list of MAC addresses. Then configure all other machines on your network to point to the Linux box as there web proxy.
See the following link for detail instructions about setting up the proxy. Note if all you want is a whitelist then you don't need SquidGuard. Also note the config lines in this article are incorrect. Use the ones I show above.
If you want your other machines to be able to access email then use rinetd to redirect some port on the Linux box to your mail server and setup all other machines on the network to point to the Linux box as their mail server. You could alternatively setup iptables rules, but rinetd is much simpler to setup.
5 comments:
thank you kevin this information really helped me and i would love for you to continue updating your site with more informational paragraphs
I'm trying to use the whitelist instructions, but must be doing something wrong. Where in the squid.conf do you place the acl white dstdomain "/etc/squid/whitelist and the http_access deny !whitelist?
Thanks dargan@gmail.com
Mike - Unfortunately, I don't have access to a linux machine setup like this anymore. Also it appears the article I link to is dead. However, I think this has the equivalent information: http://www.screaming-penguin.com/node/3871
Also I updated what appeared to be a typo in my original post.
We have recently made our domain whitelist available to the public. It is for general production use, it contains no adult or piracy related sites, so should be
suitable for most networks.
It can be downloaded here
http://www.squidblacklist.org/downloads/whitelist.txt
Post a Comment