From owner-freebsd-questions@FreeBSD.ORG  Fri Jul  6 15:27:13 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 788E216A473
	for <freebsd-questions@freebsd.org>;
	Fri,  6 Jul 2007 15:27:13 +0000 (UTC)
	(envelope-from zbigniew@szalbot.homedns.org)
Received: from szalbot.homedns.org (lists.lc-words.com [83.19.156.210])
	by mx1.freebsd.org (Postfix) with ESMTP id 2F68B13C48A
	for <freebsd-questions@freebsd.org>;
	Fri,  6 Jul 2007 15:27:13 +0000 (UTC)
	(envelope-from zbigniew@szalbot.homedns.org)
Received: from localhost ([127.0.0.1] helo=szalbot.homedns.org)
	by szalbot.homedns.org with esmtpa (Exim 4.67 (FreeBSD))
	(envelope-from <zbigniew@szalbot.homedns.org>)
	id 1I6pi9-0004IU-GY; Fri, 06 Jul 2007 17:27:09 +0200
MIME-Version: 1.0
Date: Fri, 6 Jul 2007 17:27:09 +0200
From: Zbigniew Szalbot <zbigniew@szalbot.homedns.org>
To: Denis R. <darom@kern.ca.us>
In-Reply-To: <57122.206.169.45.183.1183733592.squirrel@sm.kern.ca.us>
References: <57122.206.169.45.183.1183733592.squirrel@sm.kern.ca.us>
Message-ID: <2edfd3b9ce6f94eaf624f1f3f5486eca@szalbot.homedns.org>
X-Sender: zbigniew@szalbot.homedns.org
User-Agent: RoundCube Webmail/0.1b
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8bit
Cc: freebsd-questions@freebsd.org
Subject: re: parental control with squid and dansguardian
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Jul 2007 15:27:13 -0000

Hello,

>>>Now, if someone just changes the port in their browser to 3128 (squid
> proxy port), then all content filtering will be bypassed.
> 
> I have the same setup at home for my kids.
> 
> Check the /etc/ipnat.conf file to redirect all web traffic to your
> FreeBSD_gateway_IP_address:8080 (assuming your FreeBSD box acts as a
> firewall/squid/gateway).

Now, I am not sure one thing. ipnat.conf is an ipfilter conf file. I use
pf. I was wondering - maybe I should use squid setup defining an acl that
would banned connection to port 3128 in squid? I am not sure yet how to do
it (all of this is totally new to me) but I guess it is probably quite
simple. Then I should probably set squid in the transparent mode which
would enable me to point browsers to auto-discover proxy settings? Again, I
am not sure my thinking is correct.

Thanks!

-- 
Zbigniew Szalbot