[ale] selective DNS server for DHCP clients?
JD
jdp at algoloma.com
Wed Feb 27 20:23:35 EST 2013
Many routers have time limits based on MAC address. I know that some parents
provide a USB-wifi dongle to be used during approved internet time and keep it
locked away safely otherwise. Allowing just that MAC from the approved dongle
is something most wifi routers support too.
As to preventing time wasting access to websites, The easy way is to block them
100% from your network, but using that nuclear option may not be the best answer
for all families. For example, I block facebook, twitter, zynga and much of
google from my network on principle. Here's an article that I wrote for
Lifehacker:
http://lifehacker.com/5817447/how-to-block-unwanted-ads-in-all-applications-and-speed-up-web-browsing-with-the-hosts-file
about this, but if you can't touch her /etc/hosts, then you'll need to do it at
the router/DNS server. I assume it needs to work fine when she it outside your
network?
If you use a proxy server, then you can block all external DNS queries from the
client machines. Only the proxy server needs DNS access. That is something you
control.
Something like Dan's Guardian might be worth looking into. Running a filtering
squid proxy might be fun too. Filters can use perl regex, so almost any sort of
unencrypted content can be blocked.
Lots of options.
On 02/27/2013 07:13 PM, Pete Hardie wrote:
> I neglected to mention that one of the reasons she gets a laptop from the school
> is that they provide much of the homework via the web, so a total internet or
> computer ban is not an option, either.
>
> We do make her close the laptop when she is doing offline homework, but that is
> only part of the work.
>
>
>
> Pete Hardie
> --------
> Better Living Through Bitmaps
>
>
> On Wed, Feb 27, 2013 at 3:35 PM, Ron Frazier (ALE)
> <atllinuxenthinfo at techstarship.com <mailto:atllinuxenthinfo at techstarship.com>>
> wrote:
>
> Impose a "screen time" limit, unless she's working on "official business"
> which you designate. She can divide her screen time among tv, games,
> whatever, as long as homework is done. Once the limit is up, the device
> must be turned off. You could do this for internet access from your router
> by disconnecting her internet after a time limit.
>
> My son, now in college, used to complain because I wouldn't let him play
> video games. Actually, the real truth is that he could play video games, he
> just couldn't watch 2 hours of tv AND play 2 hours of video games on a
> school night.
>
> If she wants more time, she has to get a waiver from you.
>
> Sincerely,
>
> Ron
>
>
> Pete Hardie <pete.hardie at gmail.com <mailto:pete.hardie at gmail.com>> wrote:
>
> >It's basically the time spent - she gets sucked into some games, and
> >some
> >stories. I'm not trying to content block in this case.
> >
> >I'm reluctant to do anything on the laptop, because the school has a
> >pack
> >of savvy delinq^H^H^H^Hweb surfers who can suggest the easy fixes to
> >the
> >easy blocks
> >
> >Pete Hardie
> >--------
> >Better Living Through Bitmaps
> >
> >
> >On Wed, Feb 27, 2013 at 3:07 PM, Scott Plante
> ><splante at insightsys.com <mailto:splante at insightsys.com>>wrote:
> >
> >> How tech savvy is she? If there are a few particular time-wasting
> >sites
> >> you want to block (facebook, twitter) you could potentially just edit
> >> her C:\Windows\System32\drivers\etc\hosts file and add some entries
> >> pointing to 127.0.0.1 or 192.168.0.0 or something like that. You said
> >you
> >> couldn't install anything--not sure if you can edit a file like that.
> >It's
> >> easy enough to override if she's savvy but it might be an easy first
> >step
> >> before going to a network based filter. Of course if she is savvy,
> >there
> >> are probably countless ways for her to get around all kinds of
> >obstacles
> >> you may put up. Neighbor's wi-fi? Cell hotspot? Free VPN?
> >>
> >> It sounds like you're less worried about content filtering--i.e.
> >blocking
> >> any site that contains porn, etc.--and more worried about a few
> >particular
> >> time-sink sites. If you are interested in content filtering, you
> >might
> >> check out DansGuardian.org.
> >>
> >> Scott
> >> ------------------------------
> >> *From: *"Pete Hardie" <pete.hardie at gmail.com <mailto:pete.hardie at gmail.com>>
> >> *To: *"Atlanta Linux Enthusiasts - Yes! We run Linux!" <ale at ale.org
> <mailto:ale at ale.org>>
> >> *Sent: *Wednesday, February 27, 2013 2:02:24 PM
> >> *Subject: *[ale] selective DNS server for DHCP clients?
> >>
> >>
> >> Hello all,
> >>
> >> After another round of disagreements concerning homework, I've
> >determined
> >> that my daughter can't resist the lure of time-wasting Internet
> >sites. The
> >> wrinkle is that she has a school-issued laptop, so I can't install
> >anything
> >> on it to block access to the time-sinks. So here's what I think I
> >can do,
> >> and I need to know if it's possible:
> >>
> >> I already have a DHCP server on my desktop, providing fixed IPs and a
> >> different DNS server for my ReplayTV boxen. I'd like to target her
> >> laptop's DNS to one running on my desktop, without using that one as
> >my
> >> desktop's DNS (I can use the router)
> >>
> >> I also need a good tutorial on DNS servers - I have dnsmasq, which
> >seems
> >> like it might work for my purposes - have the sites I need to block
> >be
> >> mapped to 127.0.0.1 for her laptop, while letting the rest to resolve
> >> normally
> >>
> >> So is this feasible? If not, is there a good alternative?
> >>
> >> TIA,
More information about the Ale
mailing list