Linux Router Caching Proxy Content Filter?

Kimball Larsen kimball at
Mon Jul 20 21:32:24 MDT 2009

Howdy smart people!

I've got a new Ubuntu Jaunty box (named "Silver") with 2 nics - and   My home gateway is

I'd like to set up the jaunty box to be the new gateway for all my in- 
house traffic, such that all clients would connect like this:

Client -> -> Firewall/Content Filter -> -> -> DSL Modem -> Internets. is a WRT54G running OpenWRT with a firewall that I put  
together myself. (dangerous, in my experience).

Here is what I need some help with:

a)  Change the firewall on to *only* allow traffic on all  
ports from  Refuse to even accept connections from the  
lan side from anything else.

b)  Set up silver to act as a router for the rest of the network, so  
that all the clients use 0.5 as their gateway, and silver internally  
routes everything from 0.5 to 0.4, which in turn uses 0.1 as its  

c)  Set up DansGuardian or somesuch in conjunction with squid or  
whatever is the best for DG to allow for content filtering of all web  
and IM traffic.

I've got a house full of kids that are getting old enough that the  
sesame street and PBS sites are not keeping up with them anymore, but  
I don't want to have to make huge whitelists of sites they can visit  
on every computer in the house.  I'd rather centralize the whole  
affair as above, but I've never done the whole DansGuardian thing  
before.  Tips?  Pointers?  Someone want to do this for me?

Oh, one last thought:
Silver runs a bunch of other services for me that I *really* don't  
want to interrupt with the firewall config on it:
Websites (, http://,, etc, etc)
Email for all the above sites
DNS for all my domains
All this traffic goes through 0.4 already, as I just installed the 0.5  
interface this evening.


-- Kimball

More information about the PLUG mailing list