[ale] selective DNS server for DHCP clients?

Pete Hardie pete.hardie at gmail.com
Wed Feb 27 20:28:41 EST 2013 

JD, you are correct in thinking that the laptop needs to work normally
outside my home network - school network and any other ones, like when we
are travelling.



Pete Hardie
--------
Better Living Through Bitmaps


On Wed, Feb 27, 2013 at 8:23 PM, JD <jdp at algoloma.com> wrote:

> Many routers have time limits based on MAC address. I know that some
> parents
> provide a USB-wifi dongle to be used during approved internet time and
> keep it
> locked away safely otherwise.  Allowing just that MAC from the approved
> dongle
> is something most wifi routers support too.
>
> As to preventing time wasting access to websites, The easy way is to block
> them
> 100% from your network, but using that nuclear option may not be the best
> answer
> for all families.  For example, I block facebook, twitter, zynga and much
> of
> google from my network on principle.  Here's an article that I wrote for
> Lifehacker:
>
> http://lifehacker.com/5817447/how-to-block-unwanted-ads-in-all-applications-and-speed-up-web-browsing-with-the-hosts-file
> about this, but if you can't touch her /etc/hosts, then you'll need to do
> it at
> the router/DNS server.  I assume it needs to work fine when she it outside
> your
> network?
>
> If you use a proxy server, then you can block all external DNS queries
> from the
> client machines. Only the proxy server needs DNS access. That is something
> you
> control.
>
> Something like Dan's Guardian might be worth looking into.  Running a
> filtering
> squid proxy might be fun too.  Filters can use perl regex, so almost any
> sort of
> unencrypted content can be blocked.
>
>
> Lots of options.
>
>
>
> On 02/27/2013 07:13 PM, Pete Hardie wrote:
> > I neglected to mention that one of the reasons she gets a laptop from
> the school
> > is that they provide much of the homework via the web, so a total
> internet or
> > computer ban is not an option, either.
> >
> > We do make her close the laptop when she is doing offline homework, but
> that is
> > only part of the work.
> >
> >
> >
> > Pete Hardie
> > --------
> > Better Living Through Bitmaps
> >
> >
> > On Wed, Feb 27, 2013 at 3:35 PM, Ron Frazier (ALE)
> > <atllinuxenthinfo at techstarship.com <mailto:
> atllinuxenthinfo at techstarship.com>>
> > wrote:
> >
> >     Impose a "screen time" limit, unless she's working on "official
> business"
> >     which you designate.  She can divide her screen time among tv, games,
> >     whatever, as long as homework is done.  Once the limit is up, the
> device
> >     must be turned off.  You could do this for internet access from your
> router
> >     by disconnecting her internet after a time limit.
> >
> >     My son, now in college, used to complain because I wouldn't let him
> play
> >     video games.  Actually, the real truth is that he could play video
> games, he
> >     just couldn't watch 2 hours of tv AND play 2 hours of video games on
> a
> >     school night.
> >
> >     If she wants more time, she has to get a waiver from you.
> >
> >     Sincerely,
> >
> >     Ron
> >
> >
> >     Pete Hardie <pete.hardie at gmail.com <mailto:pete.hardie at gmail.com>>
> wrote:
> >
> >     >It's basically the time spent - she gets sucked into some games, and
> >     >some
> >     >stories.  I'm not trying to content block in this case.
> >     >
> >     >I'm reluctant to do anything on the laptop, because the school has a
> >     >pack
> >     >of savvy delinq^H^H^H^Hweb surfers who can suggest the easy fixes to
> >     >the
> >     >easy blocks
> >     >
> >     >Pete Hardie
> >     >--------
> >     >Better Living Through Bitmaps
> >     >
> >     >
> >     >On Wed, Feb 27, 2013 at 3:07 PM, Scott Plante
> >     ><splante at insightsys.com <mailto:splante at insightsys.com>>wrote:
> >     >
> >     >> How tech savvy is she? If there are a few particular time-wasting
> >     >sites
> >     >> you want to block (facebook, twitter) you could potentially just
> edit
> >     >> her C:\Windows\System32\drivers\etc\hosts file and add some
> entries
> >     >> pointing to 127.0.0.1 or 192.168.0.0 or something like that. You
> said
> >     >you
> >     >> couldn't install anything--not sure if you can edit a file like
> that.
> >     >It's
> >     >> easy enough to override if she's savvy but it might be an easy
> first
> >     >step
> >     >> before going to a network based filter. Of course if she is savvy,
> >     >there
> >     >> are probably countless ways for her to get around all kinds of
> >     >obstacles
> >     >> you may put up. Neighbor's wi-fi?  Cell hotspot? Free VPN?
> >     >>
> >     >> It sounds like you're less worried about content filtering--i.e.
> >     >blocking
> >     >> any site that contains porn, etc.--and more worried about a few
> >     >particular
> >     >> time-sink sites. If you are interested in content filtering, you
> >     >might
> >     >> check out DansGuardian.org.
> >     >>
> >     >> Scott
> >     >> ------------------------------
> >     >> *From: *"Pete Hardie" <pete.hardie at gmail.com <mailto:
> pete.hardie at gmail.com>>
> >     >> *To: *"Atlanta Linux Enthusiasts - Yes! We run Linux!" <
> ale at ale.org
> >     <mailto:ale at ale.org>>
> >     >> *Sent: *Wednesday, February 27, 2013 2:02:24 PM
> >     >> *Subject: *[ale] selective DNS server for DHCP clients?
> >     >>
> >     >>
> >     >> Hello all,
> >     >>
> >     >> After another round of disagreements concerning homework, I've
> >     >determined
> >     >> that my daughter can't resist the lure of time-wasting Internet
> >     >sites.  The
> >     >> wrinkle is that she has a school-issued laptop, so I can't install
> >     >anything
> >     >> on it to block access to the time-sinks.  So here's what I think I
> >     >can do,
> >     >> and I need to know if it's possible:
> >     >>
> >     >> I already have a DHCP server on my desktop, providing fixed IPs
> and a
> >     >> different DNS server for my ReplayTV boxen.  I'd like to target
> her
> >     >> laptop's DNS to one running on my desktop, without using that one
> as
> >     >my
> >     >> desktop's DNS (I can use the router)
> >     >>
> >     >> I also need a good tutorial on DNS servers - I have dnsmasq, which
> >     >seems
> >     >> like it might work for my purposes - have the sites I need to
> block
> >     >be
> >     >> mapped to 127.0.0.1 for her laptop, while letting the rest to
> resolve
> >     >> normally
> >     >>
> >     >> So is this feasible?  If not, is there a good alternative?
> >     >>
> >     >> TIA,
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20130227/791bad22/attachment.html>

More information about the Ale mailing list