From owner-freebsd-questions@FreeBSD.ORG  Fri Jul  6 20:23:41 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 0FD1616A479
	for <freebsd-questions@freebsd.org>;
	Fri,  6 Jul 2007 20:23:41 +0000 (UTC)
	(envelope-from iaccounts@ibctech.ca)
Received: from pearl.ibctech.ca (pearl.ibctech.ca [208.70.104.210])
	by mx1.freebsd.org (Postfix) with ESMTP id A640E13C4C6
	for <freebsd-questions@freebsd.org>;
	Fri,  6 Jul 2007 20:23:40 +0000 (UTC)
	(envelope-from iaccounts@ibctech.ca)
Received: (qmail 58535 invoked by uid 1002); 6 Jul 2007 20:23:39 -0000
Received: from iaccounts@ibctech.ca by pearl.ibctech.ca by uid 89 with
	qmail-scanner-1.22 
	(spamassassin: 2.64.  Clear:RC:1(208.70.107.100):. 
	Processed in 6.487105 secs); 06 Jul 2007 20:23:39 -0000
Received: from unknown (HELO ?192.168.1.210?) (steve@ibctech.ca@208.70.107.100)
	by pearl.ibctech.ca with (DHE-RSA-AES256-SHA encrypted) SMTP;
	6 Jul 2007 20:23:32 -0000
Message-ID: <468EA4DC.1070502@ibctech.ca>
Date: Fri, 06 Jul 2007 16:23:56 -0400
From: Steve Bertrand <iaccounts@ibctech.ca>
User-Agent: Thunderbird 2.0.0.4 (Windows/20070604)
MIME-Version: 1.0
To: RW <fbsd06@mlists.homeunix.com>
References: <28511e606938ca3af6624a90fa5798e9@szalbot.homedns.org>
	<20070706203359.411e7416@gumby.homeunix.com.>
In-Reply-To: <20070706203359.411e7416@gumby.homeunix.com.>
X-Enigmail-Version: 0.95.1
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: freebsd-questions@freebsd.org
Subject: Re: parental control with squid and dansguardian
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Jul 2007 20:23:41 -0000

RW wrote:
> On Fri, 6 Jul 2007 13:20:07 +0200
> Zbigniew Szalbot <zbigniew@szalbot.homedns.org> wrote:
> 
>> I do not yet have FreeBSD functioning as a real gateway as I will be
>> able to do it at a later stage. However, there is one thing that
>> leaves me wondering. In order to use the content filtering as
>> provided by Dansguardian, I need to configure the browser to look for
>> proxy on port 8080. Now, if someone just changes the port in their
>> browser to 3128 (squid proxy port), then all content filtering will
>> be bypassed. 
>>
> 
> If this box is not the gateway, there is no point in doing anything
> about this because they can simply turn-off proxying and go direct to
> the internet. 

Not if the box is an inline bridge...

Allow minimal Internet use, ftp, ssh, 587, 110 etc, then fwd 80, 443 to
the internal proxy box and voila.

Steve