Spiceworks nxfilter11/13/2023 Why does your mother's house have/need a router? Why not just have those devices get an IP from your DHCP server. And on a schedule the cache gets cleared out and the next person to visit the web site fills the cache back up for others. PfSense has a few "packages" that are really good for content filtering dansguardian is one squidguard is another in addition to squidguard you could setup squid-cache so that web surfing is faster all around, certain web sites will have a lot of their static content cached so that page loading is faster. The more I think about it locating the proxy server at the remote site is a better choice. There are ways around this as well as any firewall rules/filters you setup if the remote users are devious (thinking ultrasurf here). With dansguardian you can filter out by dns name similar to opendns. With pfSense you can setup traffic filters (bandwidth limiters) to control how much bandwidth the remote site can consume. Actually it's not designed to do proxy services either, but it can.Īlso you will need to figure out how to restrict remote access (if you care) so visiting free loaders won't consume your internet. And now that I think about it from a performance side, it would help with performance if the proxy was located at the remote site, still in transparent proxy mode.įiltering out high level P2P protocols will be tough since it requires deep packet inspection, which pfsense is not designed to do. The inline or transparent proxy server will then regulate what the remote site can access. Setup pfsense as an inline proxy server running dansguardian. IF you are only interested in filtering content to your mother's house, I would install pfsense inline between your tough switch and m900. I enjoy projects like this, but I hate it when I'm stumped. (This makes this harder, if not impossible) I would like to avoid adding vlans if I can. The PFsense box does have 2 interfaces available Is there any way I can achieve "transparent" filtering of their content without dropping the pfsense box behind the AP on my end? I also want to avoid having to configure a proxy on devices. (Am I wrong?)Īs you can see I can't drop the PFsense box between the AP and my network (transparent proxy) as I power the AP via the toughswitch. But I also want to block things like Torrent/tor which I think I can do with PFsense. I am under the impression that I can filter the porn an other adult related stuff better with the addition of PFsense. I'm honestly not sure how much content the OpenDNS family filters are blocking. They are still managing to make a mess of the PC and look at who knows what online. Im using OpenDNS already but I want more control over the content. WAN is on my LAN, and then NAT and DHCP for devices in her house. My network "edges" on the Router/wifi RB951 at my mothers house. I need to install it at my home, not hers. I have a PC with pfsense installed and I would like to use it to perform additional content filtering for my mothers home. I think my picture is pretty straight forward as far as the details pertaining to my questions. I used to work for them and my wife still does. She's unable to afford her own internet service (to disabled to work) and my younger brother an sister rely on internet for school an of course their social lives. I provide internet to my Mother 4 blocks away via wireless bridge.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |