From owner-freebsd-questions@FreeBSD.ORG Tue Aug 28 16:12:38 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4DF9916A417 for ; Tue, 28 Aug 2007 16:12:38 +0000 (UTC) (envelope-from zbigniew@szalbot.homedns.org) Received: from szalbot.homedns.org (lists.lc-words.com [83.19.156.210]) by mx1.freebsd.org (Postfix) with ESMTP id 0225413C467 for ; Tue, 28 Aug 2007 16:12:37 +0000 (UTC) (envelope-from zbigniew@szalbot.homedns.org) Received: from www (helo=www) by szalbot.homedns.org with local ; Tue, 28 Aug 2007 18:12:28 +0200 To: P.U.Kruppa X-PHP-Script: https://poczta.szalbot.homedns.org/index.php for 192.168.11.1 MIME-Version: 1.0 Date: Tue, 28 Aug 2007 18:12:28 +0200 From: Zbigniew Szalbot In-Reply-To: <20070828174355.E83792@small> References: <20070828174355.E83792@small> Message-ID: <4003abc03a71e5f58ec5d46fc3c3d6ed@szalbot.homedns.org> X-Sender: zbigniew@szalbot.homedns.org User-Agent: RoundCube Webmail/0.1b Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 8bit Cc: Freebsd questions Subject: Re: home lan with freebsd as gateway / security issues X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Aug 2007 16:12:38 -0000 Hi, On Tue, 28 Aug 2007 18:01:02 +0200 (CEST), "P.U.Kruppa" wrote: >> do not need. My question is more general, though, I would simply like to >> know if there's any simple way to put the box behind a router and sitll > be >> able to do transparent proxying of requests originating from my LAN? > Yes: generally spoken: a gateway/proxy is what you tell your > client machines to use as a gateway/proxy. You can just set it > anywhere in your network and make it suck its data from your > router. > Transparent proxying might be a bit difficult to set up at times > but you can start with an ordinary cache-proxy (called by > requests on port 8080 or something). > As long as your kids don't have admin rights on their > workstations, they won't be able to change it. > > By the way: blocking single addresses or even some expressions > won't keep anyone from watching bad pages - all one needs is > google and some patience. I use dansguardian it is much more than a simple page block. DG is a very useful tool. > So - sorry for adding educational hints - talk to your children > first and explain the meaning of the word trust to them. When > they really believe they have to deceive you, they probably will > be able to live without a computer for some time. Absolutely - that's what I do. I only want to prevent situations where kids by accident go to bad sites (spoofed urls, and the like). I do not have a problem of kids trying to cheat me. > > Sorry, this really was off topic. No problem. I appreciate all advice. I can always learn something, can't I? -- Zbigniew Szalbot www.slowo.pl www.lcwords.com