Karl, Thanks again. I have a USG at home so I can use it to check this out when I get some time. Sounds perfect.
> -----Original Message----- > From: Mercedes [mailto:mercedes-boun...@okiebenz.com] On Behalf Of Karl > Wittnebel via Mercedes > Sent: Wednesday, August 26, 2020 1:23 PM > To: Mercedes Discussion List <mercedes@okiebenz.com> > Cc: Karl Wittnebel <atypical...@gmail.com> > Subject: Re: [MBZ] OT: Internet filtering > > Honestly if you read that thread I linked, it tells you all the steps. If I > can > manage it, anyone can (I have zero experience with this stuff apart from > trying > to run openfoam on starcluster from a linux desktop awhile back). I think I > used Putty and just executed the commands from that thread. > > Unifi mobile app and web interfaces are great/simple and give you good > analytics. You can block individual devices. I shut my kids ipads off all the > time > from work and turn them back on for school on the morning, for instance. > > You can have it auto update the blacklists with a script so it persists when > the > device updates itself. > > Personally I like blacklisting for a church site. People can look at youtube > and > fb somewhere else. > > On Tue, Aug 25, 2020, 11:36 PM Scott Ritchey via Mercedes < > mercedes@okiebenz.com> wrote: > > > Kark, Thanks. I have some studying to do. > > > > I will have a Unifi Security Gateway there eventually, probably after > > when the weather cools and the attic is more bearable (need to run > > cables). I was hoping thr USGhelp (I mean it is a security gateway). > > Pi-Hole sounds very promising. The USG looked simple until I got into it. > > > > > -----Original Message----- > > > From: Mercedes [mailto:mercedes-boun...@okiebenz.com] On Behalf Of > > > Karl Wittnebel via Mercedes > > > Sent: Tuesday, August 25, 2020 1:14 PM > > > To: Mercedes Discussion List <mercedes@okiebenz.com> > > > Cc: Karl Wittnebel <atypical...@gmail.com> > > > Subject: Re: [MBZ] OT: Internet filtering > > > > > > Here is a helpful link: > > > > > > https://community.ui.com/questions/HowTo-Ad-blocking-using-dnsmasq- > d > > > - > > > instead-of-etc-hosts/1598a96d-28af-4f3f-ab96-97bccdb897b3#M66463 > > > > > > On Tue, Aug 25, 2020, 9:39 AM Karl Wittnebel <atypical...@gmail.com> > > > wrote: > > > > > > > Get a pi hole. I run something similar at home on a unifi security > > > > gateway: > > > > > > > > > > > > https://community.ui.com/questions/HowTo-Ad-blocking-using- > dnsmasq > > > > -d- > > > i > > > > nstead-of-etc-hosts/1598a96d-28af-4f3f-ab96-97bccdb897b3#M66463 > > > > > > > > https://en.m.wikipedia.org/wiki/Pi-hole > > > > > > > > Anyway you can block whatever you want. E.g. facebook, youtube. It > > > > is a scorched earth approach but it works well. You can configure > > > > it to auto update using various lists of ad servers and then > > > > customize > > website lists. > > > > > > > > If in a church, you should post a sign that internet access is > > > > restricted in case any docs are communicating with patients etc by > > > > internet so they can plan to be out of reach. Not such a bad > > > > thing, really. Just need to notify. Something like "restricted > > > > internet > > access only". > > > > > > > > > > > > > > > > On Sun, Aug 23, 2020, 4:59 AM Dan Penoff via Mercedes < > > > > mercedes@okiebenz.com> wrote: > > > > > > > >> Only thing I can suggest is: > > > >> > > > >> 1.) Set up a password that’s simple and tell the congregation > > > >> what it is; or, > > > >> > > > >> 2.) Get a consumer grade router in line with the existing access > > > >> point and use it’s parental controls feature to filter. > > > >> > > > >> I’ve got an Asus router I use for my internal network and it’s > > > >> got parental controls and filtering available as an option. > > > >> > > > >> -D > > > >> > > > >> > On Aug 23, 2020, at 2:38 AM, Scott Ritchey via Mercedes < > > > >> mercedes@okiebenz.com> wrote: > > > >> > > > > >> > The school's hot spot is on their own LAN, not my problem. > > > >> > > > > >> > There are many functions other than church services, typically > > > >> > in the > > > >> fellowship hall (church meetings, parties, weddings/funerals, > > > >> men/women/senior groups, etc.) where folks want their cell phones > > > >> to > > > work. > > > >> If they don't connect to the Wi-Fi those cell phone batteries go > > > >> down fast as the phones try to ping a tower transmitting at max power. > > > >> > > > > >> > I could add a password but then would need tell everyone. > > > >> > > > > >> > I already configured OpenDNS but still looking for something > > > >> > better. I > > > >> plan to install a Unifi Security Gateway so I'm looking for a way > > > >> to use that. There are many consumer routers that could be > > > >> adapted and security appliances (without routing), like Circle. Still > looking. > > > >> > > > > >> >> -----Original Message----- > > > >> >> From: Allan Streib via Mercedes > > > >> >> Subject: Re: [MBZ] OT: Internet filtering > > > >> >> > > > >> >> Ask the school what they do. > > > >> >> > > > >> >> Ideally the school hot spot will be on the school network via > > > >> >> a > > VPN. > > > >> >> > > > >> >> As far as accessing the passwordless guest network, you have > > > >> >> that > > > >> problem > > > >> >> regardless. I'd suggest putting a password on it, or maybe > > > >> >> setting up > > > >> a captive > > > >> >> portal like at a hotel. Depends how much you really want to > > > >> >> manage > > it. > > > >> >> > > > >> >> Anyway, who is using their cell phone during church? > > > >> >> > > > >> >> > > > >> >> Scott Ritchey via Mercedes <mercedes@okiebenz.com> writes: > > > >> >> > > > >> >>> Our church LAN has a “guest” SSID that does not require a > > password. > > > >> This > > > >> >> guest SSID is very helpful for cell phones because the > > > >> >> aluminum siding > > > >> blocks > > > >> >> regular cell signals. So far, this was not a problem because > > > >> >> we had > > > >> few > > > >> >> “outsiders.” Our ISP provider (Time-Warner/Spectrum) provides > > > >> >> an ARRIS DG1670a modem/router, which does not appear to have > > > >> >> any useful > > > >> “parental > > > >> >> controls.” > > > >> >>> > > > >> >>> Soon we will be a “hot spot” where school children can come > > > >> >>> to our > > > >> parking > > > >> >> lot to download school materials (if they don’t have > > > >> >> high-speed > > > >> internet at > > > >> >> home). The school system provides the hot spot equipment but > > > >> >> visitors > > > >> will > > > >> >> also see our church Wi-Fi on their devices. > > > >> >>> > > > >> >>> I want to avoid the situation where school kids (or others) > > > >> >>> access > > > >> >> inappropriate sites, particularly on the church LAN. OpenDNS > > > >> >> offers > > > >> some > > > >> >> filtering but only for “new” DNS requests and it doesn’t block > > > >> anonymizers > > > >> >> (like Tor). > > > >> >>> > > > >> >>> I know there is much computer expertise on this site so I > > > >> >>> thought I’d > > > >> ask for > > > >> >> recommendations. > > > >> >>> > > > >> >>> Cheers, Scott > > > >> >>> > > > >> >> > > > >> >> _______________________________________ > > > >> >> http://www.okiebenz.com > > > >> >> > > > >> >> To search list archives http://www.okiebenz.com/archive/ > > > >> >> > > > >> >> To Unsubscribe or change delivery options go to: > > > >> >> http://mail.okiebenz.com/mailman/listinfo/mercedes_okiebenz.co > > > >> >> m > > > >> > > > > >> > > > > >> > > > > >> > _______________________________________ > > > >> > http://www.okiebenz.com > > > >> > > > > >> > To search list archives http://www.okiebenz.com/archive/ > > > >> > > > > >> > To Unsubscribe or change delivery options go to: > > > >> > http://mail.okiebenz.com/mailman/listinfo/mercedes_okiebenz.com > > > >> > > > > >> > > > >> > > > >> _______________________________________ > > > >> http://www.okiebenz.com > > > >> > > > >> To search list archives http://www.okiebenz.com/archive/ > > > >> > > > >> To Unsubscribe or change delivery options go to: > > > >> http://mail.okiebenz.com/mailman/listinfo/mercedes_okiebenz.com > > > >> > > > >> > > > _______________________________________ > > > http://www.okiebenz.com > > > > > > To search list archives http://www.okiebenz.com/archive/ > > > > > > To Unsubscribe or change delivery options go to: > > > http://mail.okiebenz.com/mailman/listinfo/mercedes_okiebenz.com > > > > > > > > _______________________________________ > > http://www.okiebenz.com > > > > To search list archives http://www.okiebenz.com/archive/ > > > > To Unsubscribe or change delivery options go to: > > http://mail.okiebenz.com/mailman/listinfo/mercedes_okiebenz.com > > > > > _______________________________________ > http://www.okiebenz.com > > To search list archives http://www.okiebenz.com/archive/ > > To Unsubscribe or change delivery options go to: > http://mail.okiebenz.com/mailman/listinfo/mercedes_okiebenz.com _______________________________________ http://www.okiebenz.com To search list archives http://www.okiebenz.com/archive/ To Unsubscribe or change delivery options go to: http://mail.okiebenz.com/mailman/listinfo/mercedes_okiebenz.com