Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 09 Apr 2012 22:27:24 -0500
From:      Jorge Biquez <>
Subject:   Kind OFF Topic. FreeBSD for Blocking URLS? Nanny?
Message-ID:  <>

Next in thread | Raw E-Mail | Index | Archive | Help
Hello all.

I am sorry if this is kind OFF Topic. I am looking for help from more 
experienced people in these areas. Please let me know if this 
question should be moved to FREEBSD-CHAT list.

As I have mentioned before I am helping a school , non profit with 
their IT issues. As always there are some "experts" that controls 
everything and do not let you change anything because is their 
kingdom. Anyway, there we have Internet service  from a cable company 
and they have some cisco routers to receive the access and from there 
some Cisco Switches.
In the classrooms we have very old PCs running XP. In some of my 
classes I am using Freebsd and Ubuntu running on a USB. So each 
student have one USB and they work that way booting from their 4GB 
USB stick. (it is slow but it has worked until now).

One of the managers asked me for help to block some web sites were 
some students in the other lab and people that helps there waste 
bandwithd seeing videos, movies (youtube, cuevana, serieid, etc) and 
spend lot of time on facebook also. Our bandwidth is only 4Mb and you 
understand that with a few that are seeing movies and videos the rest 
of us can not work at all. Thing is that "other manager" (you know 
how those things are sometimes) do not want us to do that since his 
"guru" and expert is the one that controls all the Network. So the 
best we could get until now is that we can do "all we can" without 
touching the Cisco routers and until now not administrative password 
for change anything on the PCs (that could change one we prove that 
we can have the solution and show it to the board of people that runs 
the place).

The Internet provider gives the DNS servers to use and one of the 
routers gives the DHCP service.

First thing I thought was to change the DNS servers and use the one 
from my small office (running Freebsd 7.3) using Bind there and 
simply block there pointing the sites to nothing in the Apache 
configuration. It does not work. Once changed the DNS values the PC 
does not resolve anything. It was a quick test but that does not 
work. Not sure if Internet provider is blocking in some way that we 
can not use other DNS server but theirs.

Other solution I was thinking while coming home was to convert one 
machine there to a freebsd server and use it as a router (if they let 
me) so that way I can control from there and do filtering. Issue is 
that maybe they do not let me but connect the server as an extra 
machine without replacing the main router so in that case I would 
have 2 DHCP servers doing the same service in the same lan and could 
be conflicts I guess.

Another solution a friend suggested was to buy one small router (from 
my money for sure) and let that small router to receive the internet 
(RJ45) and from that with the small 4 port switch included to provide 
the internet to the switches to feed the labs , library and 
administrative offices. I have never use one of those and I am short 
on money so I would like to explore other alternatives before if possible.

Finally another solution would be to install in each PC a kind of 
Nanny software but only if free, otherwise is not a solution (I do 
not know of any yet but will do searching the following hours).

I know all can be solved if the "guru-expert" guy would let me have 
passwords from PC's, router, etc but that won't be an option since 
they think we would try to take the control of those services (we do 
not want that) so the burocracy could be a problem there. He have 
told them that to block is not possible (they have been working that 
way for years).

So, in this kind of schema. Do you think FreeBSD (even linux) could 
be of help if we do not have access to routers, switches and can not 
install new software on the PCs( the ones running XP)?

Any comments you have that could help me to solve this challenge?

Thanks in advance for your time and comments.

Jorge Biquez

Want to link to this message? Use this URL: <>