Linux Router Caching Proxy Content Filter?
kimball at kimballlarsen.com
Mon Jul 20 21:32:24 MDT 2009
Howdy smart people!
I've got a new Ubuntu Jaunty box (named "Silver") with 2 nics -
192.168.0.4 and 192.168.0.5. My home gateway is 192.168.0.1.
I'd like to set up the jaunty box to be the new gateway for all my in-house
traffic, such that all clients would connect like this:
Client -> 192.168.0.5 -> Firewall/Content Filter -> 192.168.0.4 ->
192.168.0.1 -> DSL Modem -> Internets.
192.168.0.1 is a WRT54G running OpenWRT with a firewall that I put
together myself. (dangerous, in my experience).
Here is what I need some help with:
a) Change the firewall on 192.168.0.1 to *only* allow traffic on all
ports from 192.168.0.4. Refuse to even accept connections from the
lan side from anything else.
b) Set up silver to act as a router for the rest of the network, so
that all the clients use 0.5 as their gateway, and silver internally
routes everything from 0.5 to 0.4, which in turn uses 0.1 as its
c) Set up DansGuardian or somesuch in conjunction with squid or
whatever is the best for DG to allow for content filtering of all web
and IM traffic.
I've got a house full of kids that are getting old enough that the
Sesame Street and PBS sites are not keeping up with them anymore, but
I don't want to have to make huge whitelists of sites they can visit
on every computer in the house. I'd rather centralize the whole
affair as above, but I've never done the whole DansGuardian thing
before. Tips? Pointers? Someone want to do this for me?
Oh, one last thought:
Silver runs a bunch of other services for me that I *really* don't
want to interrupt with the firewall config on it:
Websites (http://www.kimballlarsen.com, http://www.hugegrocersavings.com,
http://www.coinforge.com, etc, etc)
Email for all the above sites
DNS for all my domains
All this traffic goes through 0.4 already, as I just installed the 0.5
interface this evening.