dj at linuxfromscratch.org
Wed Oct 13 23:09:53 PDT 2004
Declan Moriarty wrote:
> To what
> extent can a firewall function as a 'Net Nanny'?
A school that I do a little work for has a nice setup that uses public
blacklists. The 'setup' is Linkwall for Border Manager (Squid and
SquidGuard with a nice Novell style GUI) and seems to work pretty well.
Unfortunately, I don't know a whole lot about it. I started jotting
things down for a future hint, and never got past squid, which did do
it's job very well once configured correctly. Check out
http://www.squidguard.org/ and the official squid guide here.
http://squid-docs.sourceforge.net/latest/html/book1.html Also, I found
another mini howto that gets right to the meat and potatoes
You still need a firewall, hardware ones are the simple solution and
should be more than enough for a home network. Linksys and Netgear
products are both under $50 in the US and provide enough forwarding
options to run at least a couple of servers behind them. Obviously
building your own with iptables would be much more capable. Also, if
you go with a hardware router and the setup above, you'll want to have a
separate dhcp server so that the DG will be set to your squidguard box
(which should be configured as a transparent proxy). Also note that if
you have an old PC lying around, and a switch, the iptables box is
definately the cheaper solution if you can avoid placing a value on your
Hope that gives you something to go on.
More information about the blfs-support