Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
I am using Cradle Point MBR1400 router for hotspot services .
What I am trying to do is content filtering to block porno websites . I tested opendns content filtering and it worked well. However, I want to use other proxy server that has the filter rules that I have .
I used other devices flashed with DD-WRT and I was able to use IP Tables command to do that " pointing to a proxy server like w.x.y.z : 47567 "
You'd have to set up a hosts file sort of deal where a FQDN is re-directed to instead of a 127.0.0.1 address it would send it to a local web page. I think it could even be a simple file but I never tried that. Any small web server you have running for that warning page would do.
The main issue is getting all those bad sites. The more easy way is to get only good sites allowed and use other protection ideas.
You could edit /etc/hosts and assign an IP of an http server to act as the block page. That would be a very long list of sites and not without issues. Not everything references /etc/hosts these days. And with such a long list it would be performance degrading and a maintenance headache. Plus any tech savvy type could bypass that with proxies and other sites that are setup to send web pages via email or mirror them on that other site. All of which would do little more than show intent than actually solving a greater issue.
I'm not sure of the configurations at this time. But squid should be able to import the hosts file and maybe some non-host file as a hosts file. And dns_masq is another option that many find a tad simpler to setup than squid is to setup, in my opinion.
Squid is already setup as a proxy server with a blacklist of sites. If in your browser settings under proxy server, you put the IP address of this server and port 44567, then if you try to navigate to a porn site, you get a page saying "not allowed". If the site is good, it goes to the site.
The problem with this, is that we cannot force people to set their browsers to point to a proxy server.
Like I mentioned earlier, on two other router models, we were able to have the router forward all traffic to the proxy server using IP tables or Firewall Rules as described above.
1) I am trying to accomplish the same thing in the Cradlepoint MBR1400, but cannot figure out how.
2) Alternately, I thought it might be possible to use our Squid Content Filtering Proxy Server's IP address as the DNS Server in the Cradlepoint Router, however this does not redirect traffic the way it does when it is used as a proxy server, it acts simply as a DNS forwarder.
Any help you can provide me in getting either #1 or #2 to work would be greatly appreciated. It must be possible somehow, if other routers can do #1.