Topic: Restrict internet to a few computers or use authentication!

[Jáder]

I´m using SME 6.0.1-01 and need to restrict internet access to a few computers/users (5 of 35).

I have seen ip_block contrib (do not apply because it deny IP for DHCP!). So I have to configurate all with Manual IPs.

I also tryed squidguard (from Abe Contribs or Techgeeks site) but do not apply, because block porn/spam/... sites but do not block ALL but a few sites to a few computers.

Now I discovered squid-auth from C.Bharda... but appears to be for SME 5.5 !

Anyone has already done something like that?

I think the ideal solution should appear to be like Abe SquidGuard, blocking by MAC address and have support to non commercial hours... so on non commercial hours others could access!
AND should exist a white list configurable (for windows update, Antivirus updates and other few sites!) , those will be allways accessed for everyone!

Thanks!

Jáder

[jmvelez]

Try e-smith.dyndns.org site and download his contribution.  It force the user to login or you can list the only websites they can visit

[raem]

jader

> I´m using SME 6.0.1-01 and need to restrict
> internet access to a few computers/users (5 of 35).

I believe you could also do this using Dansguardian. Block access to all users with a global rule (in bannedsitelist) and then add the IPs of the PCs allowed to have unrestricted access (in exceptioniplist). Read Dansguardian site to see which conf files to adjust and/or see my HOWTO.


File: bannedsitelist
#Blanket Block.  To block all sites except those in the
#exceptionsitelist file remove the # from the next line to leave
#only a '**':
#**


File: exceptioniplist
#IP addresses of computers to not filter
#and just pass requests straight through to
#
#These would be servers which
#need unfiltered access for
#updates.  Also administrator
#workstations which need to
#download programs and check
#out blocked sites should be
#put here.

[pietdejong]

I am using DansGuardian and a module from Dungog, which installs a panel in the server-manager.

I have installed an identd daemon on each clients machine and in the access rules I specify which users are allow to:
1. Not allowed to browse
2. Browse unfiltered
3. Browse filtered

identd daemon:
http://www.michaelpike.com/swidt.html

I am currently working on a problem, that after installing Dansguardian, I loos access to server-manager, since port 80 is now blocked.

Instead of installing identd you can also use the pam_auth module, but that requires the user to authenticate every time.

Piet

[Jáder]

> Try e-smith.dyndns.org site and download his contribution. It force the user to login or you can list the only websites they can visit

I got there... but was unable to find (that´s FRENCH!) what I was looking for... AND I just saw 2 contribs to 6.x... will your tip work on 6.01-01 ??
Thanks and sorry my delay!