>>> I have a client whose office includes three computers on a small
>>> "Windows Workgroup" network. One is a Linux fileserver running
>>> Samba, and the other two are Windows XP Professional workstations.
>>> One of these XP machines sits on the client's desk, and the other is
>>> on his assistant's desk. He has enquired about a means of
>>> preventing access to any websites other than a specific
>>> business-related list of sites from his assistant's computer, but he
>>> still wants full access from his own machine. The Internet access
>>> is provided by cable broadband, and the network is serviced by a
>>> small off-the-shelf router/firewall that will allow blocking of
>>> predetermined URLs (a site-ban list), but will not allow
>>> across-the-board blocking with an exception list.
>>>
>>> I'm more than willing to learn what I need to for configuring and
>>> installing a simple server that will provide the needed
>>> functionality, and the client is willing to pay for such a server's
>>> installation. Does anyone have any advice for me?
>>
>>
>>
>> I don't know if this is advice, but it sounds like a simple iptables
>> ruleset would be perfect for that.
>
>
> An iptables ruleset with a REDIRECT to a transparent restrictive proxy
> would probably be best. Sure, you can filter websites by IP, but it's
> far easier to list/restrict the URL patterns in something like squid
> or apache.
>
Ah, I didn't think about fine-grained restriction of sub-urls available
beneath the host level.
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 18:30:43 EDT