Review your favorite Linux distribution.
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


  Search this Thread
Old 03-27-2014, 07:32 PM   #1
Registered: Oct 2013
Location: IN, USA
Distribution: Arch, Debian Jessie
Posts: 813

Rep: Reputation: 264Reputation: 264Reputation: 264
A few questions about setting up a Internet filter on Ubuntu Server 12.04.03

I have been thinking about setting up a home Internet filter for a while. I thought it would be an interesting project to try, and a friend suggested that I give it a shot. (I think) I understand the basics of networking, but have several questions. As a quick disclaimer, I might not actually start setting this up until the end of the school year because of schoolwork.

For the filter, I wanted something that would be able to block access to malicious websites, and also block downloads with certain file extensions (*.exe, *.bat, etc), to keep my little sisters from clicking on the wrong things. Something with an override password would be preferred.

My thoughts for the setup were this:

Internet connection from DSL router >> Ethernet port 1 on my server
Ethernet port 2 on my server >> a Ethernet/WiFi router
Router >> All the other computers to be connected to the filter

I currently don't have a router to use, but I have some Amazon gift cards and was looking at this one. Is it a good choice, or is there a better one I might want (I'd prefer to stay under $20).

I also found that I should use Squid as the content filter. I haven't done much research on that yet, but I plan on doing so sometime in the (hopefully near) future.

Thanks for sharing your time and knowledge!
Old 03-27-2014, 08:08 PM   #2
LQ Guru
Registered: Nov 2004
Location: Saint Amant, Acadiana
Distribution: Gentoo ~arch
Posts: 6,223

Rep: Reputation: Disabled
Internet connection from DSL router >> Ethernet port 1 on my server
Ethernet port 2 on my server >> a Ethernet/WiFi router
Router >> All the other computers to be connected to the filter
How about this:

Internet connection from DSL modem (no router functionality, bridge mode) >> Ethernet port 1 on server
Ethernet port 2 on server (which will do routing and NAT) >> an Ethernet switch and wireless AP (no routing)

You can run a proxy in your server and turn NAT off. This way nobody can bypass your proxy. See Privoxy project.

Last edited by Emerson; 03-27-2014 at 08:09 PM.
Old 03-27-2014, 08:09 PM   #3
Registered: Feb 2008
Distribution: Debian Testing, OSX
Posts: 164

Rep: Reputation: 32
I've done quite a bit with building custom routers/filters. These are the solutions that worked for me:

-Squid + SquidGuard. It worked, but was sluggish.

-Squid + Dansguardian. It also worked, but was still sluggish, though somewhat quicker. Squid really was too much for what I wanted. It has a lot of cool features, but I needed something lighter.

-Tinyproxy/fireproxy/<insert small proxy here> + Dansguardian. This really was the sweet spot for me. It was quick and effective.

-IPTables/PFTables...I couldn't really get this one to work well. I didn't have time to really get to know IPTables very well.

-Some router distribution...Endian, ClearOS, PFSense, IPCop, etc. These were my favorite. They are easy to use, but not quite as much fun. If you want it to just work, I suggest one of these. Endian and ClearOS were my favorite, just for ease of use.

My topology was this: DSL router -> eth1 on custom router -> eth2 on custom router (serving IP addresses) -> switch -> user computers. They were unable to bypass it (with appropriate physical security), and no one even noticed the filtering.

My next foray will be with a second-hand Linksys I picked up for a couple of dollars, and a third-party firmware distro like ddwrt or openwrt or something. If you decide to go this route, make sure whichever router you use is listed on the firmware's supported hardware list. It would be a shame to get a cool router only to have it bricked because it's unsupported.

Good luck! I'm excited for the results!

Last edited by bcwagne; 03-27-2014 at 08:11 PM. Reason: Clarification/spelling


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: How to Filter HTTPS Traffic with Squid 3 on Ubuntu Server 13.10 LXer Syndicated Linux News 0 01-06-2014 10:41 AM
Ubuntu on Dell Dimension 4500, Internet Filter afullmetalwar Linux - Software 1 05-20-2010 11:38 PM
Questions about setting up a file server eyedrinkvenom Red Hat 7 03-05-2010 03:26 AM
use linux server to act as a internet filter/cache server jasonx22 Linux - Distributions 2 03-22-2009 04:10 AM
a few questions about setting up a mail server sporkit Linux - Networking 12 04-08-2004 06:47 AM > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 12:22 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration