DansGuardian also runs as a proxy so it only needs one interface.
The folks at DansGuardian are most helpful. Contact them with questions
and they will help you with a solution.
Kris R Efland wrote:
Marlon,
Sorry for the confusion. The architecture would depend on the topology
of the network. Based on my assumptions, here is how I think you could
set it up:
AP/Tower
^
|
SU/CPE
^
|
Router/Firewall (if any)
^
|
Content Filter
^
|
School Network
For the software solution, you will need a server with two network
interfaces on it, one that talks to the router/firewall or CPE, and the
other that is hooked into the switch or whatever local distribution
mechanism you have on premises. The IP on the interface plugged into
the switch becomes the default gateway for the rest of the schools
network.
The content filter server would have the DansGuardian
(http://dansguardian.org/?page=introduction) or L7 Filter
(http://l7-filter.sourceforge.net/) on the server and inspect packets as
they pass through it to and from the school network. The installation
of the software is beyond the scope of the mailinglist and there is a
ton of support on those pages and using google. But, you can msg me
offlist if you have questions about it.
Regards,
Kris Efland
IntraMeta Corporation
t. 972.231.5999
f. 972.231.7022
e. [EMAIL PROTECTED]
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Marlon K. Schafer (509) 982-2181
Sent: Tuesday, May 08, 2007 10:08 AM
To: WISPA General List
Subject: Re: [WISPA] commercial router
Can I get some more details? You've completely lost me with this.
btw, what ever is done has to be at a central location, can't be on each
pc.
People own their own pc's.
Marlon
(509) 982-2181
(408) 907-6910 (Vonage) Consulting services
42846865 (icq) WISP Operator since
1999!
[EMAIL PROTECTED]
www.odessaoffice.com/wireless
www.odessaoffice.com/marlon/cam
----- Original Message -----
From: "Kris R Efland" <[EMAIL PROTECTED]>
To: "WISPA General List" <[email protected]>
Sent: Monday, May 07, 2007 4:38 PM
Subject: RE: [WISPA] commercial router
Marlon,
That being the case, I would do something simple like the L7 Filter or
DansGuardian, quick and easy and best of all, cheap. I think a lot of
the suggestions are overkill for what you are describing.
Regards,
Kris Efland
IntraMeta Corporation
t. 972.231.5999
f. 972.231.7022
e. [EMAIL PROTECTED]
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Marlon K. Schafer (509) 982-2181
Sent: Monday, May 07, 2007 6:27 PM
To: WISPA General List
Subject: Re: [WISPA] commercial router
It's a small private school/business. Think Amish but they do have
computers....
Marlon
(509) 982-2181
(408) 907-6910 (Vonage) Consulting services
42846865 (icq) WISP Operator since
1999!
[EMAIL PROTECTED]
www.odessaoffice.com/wireless
www.odessaoffice.com/marlon/cam
----- Original Message -----
From: "Kris R Efland" <[EMAIL PROTECTED]>
To: "WISPA General List" <[email protected]>
Sent: Monday, May 07, 2007 1:03 PM
Subject: RE: [WISPA] commercial router
Marlon,
The two that I've encountered most in the field are the Allot
NetEnforcer and Packeteer's products. The Allot software has gotten
much better recently with detecting 'bad' traffic that gets routed
through standard ports (80/443/20/21,etc). And Packeteer has some good
content caching patents. Both of their prices are high though. Here's
a decent write-up, it's a little old:
http://www.eweek.com/article2/0,1895,901491,00.asp
Though neither of those are a true 'router' but more of a gateway that
would sit behind the router, so I don't know if that's what you are
looking for.
I could also recommend some open source projects for the DIY person. L7
Filter, DansGuardian, ntop, etc are the standouts. Also, most of the
open source firewalls also do basic string matching on urls:
*myspace.com for instance. Going down that route I would look at
m0n0wall and smoothwall, both of which I've used with success.
Are they trying to eliminate types of traffic (P2P) or are they trying
to block specific sites? Some of the cheaper products do one and not
the other. The better content filters have a subscription type system
to do remote updates periodically to the product for an updated list
with new proxies and sites they've flagged as bad (think Norton). There
are some other products out there like photo no-no (www.photonono.com)
that actually filter images on the fly. Though they were very hesitant
to send me benchmarks when I was talking to them a while back so you
probably need some horsepower to use them at scale.
Regards,
Kris Efland
IntraMeta Corporation
t. 972.231.5999
f. 972.231.7022
e. [EMAIL PROTECTED]
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Marlon K. Schafer (509) 982-2181
Sent: Monday, May 07, 2007 11:22 AM
To: [email protected]
Subject: [WISPA] commercial router
Hi All,
I have a customer that's looking for a router that also does content
filtering.
What are people using these days?
Prices?
thanks,
Marlon
(509) 982-2181
(408) 907-6910 (Vonage) Consulting services
42846865 (icq) WISP Operator since
1999!
[EMAIL PROTECTED]
www.odessaoffice.com/wireless
www.odessaoffice.com/marlon/cam
--
Scott Reed
Owner
NewWays
Wireless Networking
Network Design, Installation and Administration
www.nwwnet.net
--
WISPA Wireless List: [email protected]
Subscribe/Unsubscribe:
http://lists.wispa.org/mailman/listinfo/wireless
Archives: http://lists.wispa.org/pipermail/wireless/
