Topic: Blocking web pages

[gdbs]

you have pointed out all the reasons why it's better use something that is constantly managed and updated (another distro) instead of SME that ACTUALLY could not give the same warranty.

again, all in my humble opinion..

Ciao
Stefano and "this is my last post in this topic as we are going OT"

i think that you've not understood that's what i purpose to do: giving the warranty to have a ipp2p contrib build for each new version of kernel..................

[janet]

gdbs

It would be great if you provided ongoing support for the ipp2p contrib.

I suggest you post your offer/desire/request to the devinfo list (http://lists.contribs.org/mailman/listinfo/devinfo) and/or bugzilla (http://bugs.contribs.org/), asking for support to help you both learn what to do and how to integrate it all (ie the contrib) into the sme build server stream.

There are very knowledgeable people there who I expect will offer you assistance.
In bugzilla create a new bug against that contrib category

If the contrib category doesn't exist, then create a bug asking for the category to be created or  request staff@contribs.org to create it first and then you can add your bug. The bug in this case is a "problem with the system" bug rather than a "problem with a contrib" bug.

[Luis Noriega]

Luis - I do exactly that (...) Let me know if you want to pursue this.

besterl!
Please tell me how!
Thanks.
Luis.

[FraunhoferIFF]

mkdir -p /etc/e-smith/templates-custom/etc/squid/squid.conf
mkdir -p /etc/e-smith/templates-custom/etc/squid/block.txt
echo acl block url_regex \”/etc/squid/block.txt\” >/etc/e-smith/templates-custom/etc/squid/squid.conf/20ACL31block
echo http_access deny block >/etc/e-smith/templates-custom/etc/squid/squid.conf/40http_access21denyBlock
echo .myspace.com >/etc/e-smith/templates-custom/etc/squid/block.acl/10block
echo .spamadserver.com >>/etc/e-smith/templates-custom/etc/squid/block.acl/10block
/sbin/e-smith/expand-template /etc/squid/squid.conf
/sbin/e-smith/expand-template /etc/squid/block.txt
/sbin/service squid restart


If you want to change the list of blocked sites edit /etc/e-smith/templates-custom/etc/squid/block.acl/10block then enter the following:

/sbin/e-smith/expand-template /etc/squid/block.txt
/sbin/service squid restart


To remove the list, delete the custom templates and restart as follows:

rm /etc/e-smith/templates-custom/etc/squid/squid.conf/20ACL31block
rm /etc/e-smith/templates-custom/etc/squid/squid.conf/40http_access21denyBlock
rm /etc/e-smith/templates-custom/etc/squid/block.acl/10block
/sbin/e-smith/expand-template /etc/squid/squid.conf
/sbin/service squid restart

[thomasch]

1) on 5 of the terminals (the terminals which are at rooms and my office):
     - I want to block ALL THE WEB CONTENT (except the bank homepage and the school's homework website);
     - block msn, chat's, p2p's, etc...
     - Allow e-mail (thunderbird, outlook, gmail, etc).
2) on the other 3 terminals (the ones that are at public places like tv room and living room):
     - Allow filtered web content;
     - Allow msn, chat, p2p, etc...
     - Allow e-mail

You need a fullblown firewall like ipcop to achieve what you want. SME is not designed for that purpose.

If you don't want to buy another machine and put it in front of smeserver, you can install firewall under vmware to filter/block internet access. Some call it virtual firewall. SMEserver have to set as server only mode.
However, there is security consequences, I think.

thomasch

[gdbs]

I've been able to compile ipp2p for the test kernel !!!

version test 2.6.9-78.0.13 (the next version of kernel...)

i'm actually downloading the 2.9.6-78.0.8 stable version and i post it here for test

[gdbs]

why? isn't sme is made to work gateway mode? why in "about sme" section sme is described as a gateway firewall distro?

and with ipp2p, it's possible tu block p2p...

You need a fullblown firewall like ipcop to achieve what you want. SME is not designed for that purpose.

If you don't want to buy another machine and put it in front of smeserver, you can install firewall under vmware to filter/block internet access. Some call it virtual firewall. SMEserver have to set as server only mode.
However, there is security consequences, I think.

thomasch

[Stefano]

why? isn't sme is made to work gateway mode? why in "about sme" section sme is described as a gateway firewall distro?

and with ipp2p, it's possible tu block p2p...

gdbs: what part of "SME can act as firewall but it is NOT a "pure" firewall, because firewalling and web traffic filtering are not its primary scope" is difficult to understand?

Stefano and "firewalling on SME has been discussed so many times here.. use the search, Luke"

[gdbs]

yes i've understand it but as you said it can do a part of.

you can give an advice about it, but here, someone is asking for fonctionalities that SME can do. if it answer to his need, why should he add something else? maybe it's enough for him.

But sure if he's asking for something that really doesn't exist on sme or can't answer to all his needs, using another distro could be a good choice...

but if sme, dansguardian and ipp2p is responding well, i think we may tell him to test it before asking another community of another distro.

i've compiled ipp2p, now he will be one of my tester

if ipp2p is not the right option for him, he's free to do what he want to find the good way for him....

[besterl]

besterl!
Please tell me how!
Thanks.
Luis.

Sorry I have not been online for a while now - too busy with other stuff.

If you still have not sorted this out let me know

L