<html><head><style type='text/css'>p { margin: 0; }</style></head><body><div style='font-family: arial,helvetica,sans-serif; font-size: 12pt; color: #000000'>Just keep in mind this would be fairly easy for her (or her tech-savvy friends you mentioned) to get around. She just needs to set her network settings to use a public DNS like 8.8.8.8 instead of whatever DHCP hands out. DHCP is more of a suggestion. You may be able to block outbound DNS queries from all but your router to thwart that.<br><br><hr id="zwchr"><div style="color:#000;font-weight:normal;font-style:normal;text-decoration:none;font-family:Helvetica,Arial,sans-serif;font-size:12pt;"><b>From: </b>"Pete Hardie" <pete.hardie@gmail.com><br><b>To: </b>"Atlanta Linux Enthusiasts" <ale@ale.org><br><b>Sent: </b>Wednesday, March 6, 2013 10:27:05 PM<br><b>Subject: </b>Re: [ale] selective DNS server for DHCP clients?<br><br><div dir="ltr"><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;font-size:small">A followup, for those interested in the results<br><br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;font-size:small">
I think that I have found a working configuration. I currently have dhcpd running, supplying a few fixed IPs for my DVRs, and pointing them at my WIRNS server for replacement guide data, and I was able to set up another MAC-specific stanza to point<br>
</div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;font-size:small">my Nook to use my desktop as its DNS, which is handled by dnsmasq. I set up dnsmasq to map <a href="http://reddit.com" target="_blank">reddit.com</a> to 127.0.0.1 and it appears to do what I want - fail to load that site.<br>
<br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;font-size:small">I could use dnsmasq to supply the DHCP, and may switch to that once I feel that everything else is working totally to my satisfaction<br>
<br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;font-size:small">Thanks again to all for the suggestions and war stories about blocking your kids' access!<br><br></div></div><div class="gmail_extra">
<br clear="all"><div>Pete Hardie<br>--------<br>Better Living Through Bitmaps</div>
<br><br><div class="gmail_quote">On Thu, Feb 28, 2013 at 3:24 PM, Ron Frazier (ALE) <span dir="ltr"><<a href="mailto:atllinuxenthinfo@techstarship.com" target="_blank">atllinuxenthinfo@techstarship.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="im"><br>
<br>
Mike Harrison <<a href="mailto:cluon@geeklabs.com" target="_blank">cluon@geeklabs.com</a>> wrote:<br>
<br>
>On Wed, 27 Feb 2013, Pete Hardie wrote:<br>
>> Thanks - I'll take a closer look and see if I can wrap my head around<br>
>it.<br>
>> and to the list - I think that dnsmasq will do what I want, since it<br>
>allows specification of a DNS server for the DHCP clients, and can be<br>
>configured to not<br>
>> be the DNS server for the host, leaving it to use the router and ISP<br>
>servers.<br>
><br>
>A friend of mine with various ages of children has chosen to<br>
>incrementally<br>
>make internet access harder and harder. The two eldest children have<br>
>developed some serious network hacking skills as a result. His devious<br>
>goal was less about restricting access to online materials and<br>
>activities<br>
>and more about learning how things worked.<br>
><br>
>His most recent step was physically unplugging at around 9-10pm<br>
>(time for bed),,. and his 14 year old boy discovered "pringles can"<br>
>antenna technologies as a result.<br>
><br>
>The bad news, and why I know.. is he got enough signal to leach from my<br>
><br>
>house.. where he got sniffed and monitored. I'm not exactly next door,<br>
>but<br>
>I am line of sight..<br>
><br>
<br>
</div>No one leaches my wifi since it's encrypted. They could sniff it, but they'd get gibberish.<br>
<br>
Sincerely,<br>
<br>
Ron<br>
<div class="im HOEnZb"><br>
<br>
--<br>
<br>
Sent from my Android Acer A500 tablet with bluetooth keyboard and K-9 Mail.<br>
Please excuse my potential brevity if I'm typing on the touch screen.<br>
<br>
(PS - If you email me and don't get a quick response, you might want to<br>
call on the phone. I get about 300 emails per day from alternate energy<br>
mailing lists and such. I don't always see new email messages very quickly.)<br>
<br>
Ron Frazier<br>
<a href="tel:770-205-9422" target="_blank">770-205-9422</a> (O) Leave a message.<br>
linuxdude AT <a href="http://techstarship.com" target="_blank">techstarship.com</a><br>
<br>
<br>
</div><div class="HOEnZb"><div class="h5">_______________________________________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org" target="_blank">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
</div></div></blockquote></div><br></div>
<br>_______________________________________________<br>Ale mailing list<br>Ale@ale.org<br>http://mail.ale.org/mailman/listinfo/ale<br>See JOBS, ANNOUNCE and SCHOOLS lists at<br>http://mail.ale.org/mailman/listinfo<br></div><br></div></body></html>