sudo gedit /etc/apt/sources.list &
2. Uncomment the universe options (temporarily) and save and quit editor.
3. Type:
sudo apt-get update
(WARNING: Ignore if Ubuntu pops open a window asking you to update your system -- if you update, you might end up pulling from the universe source and it could make your system more unstable. We'll undo this in a moment.)
sudo apt-get install tinyproxy
sudo gedit /etc/apt/sources.list &
4. Comment the universe options and save and quit the editor.
5. Type:
sudo apt-get update
sudo gedit /etc/tiny*/*.conf &
6. Uncomment these lines:
Filter "/etc/tinyproxy/filter"
FilterURLs On
7. Don't close your editor just yet. Think about your home subnet. Is it "192.168.0.x"? (In many cases this is the case if you are using Windows or are behind a Cable\DSL router. See what IP addresses your home PCs use and that should help you define your subnet. If you don't have a subnet, then that's beyond the discussion here about how to set up your own home subnet. Look elsewhere in Ubuntu Forums for that.)
8. In your tinyproxy.conf file that you're still editing, add a line like this for your current subnet, assuming it's "192.168.0.x":
Allow 192.168.0.0/24
9. The /24 stands for the "netmask". The short of it is that it allows 0-255 on the last part of the IP address, meaning, usually, your entire home subnet. I've got you going with a shortcut. If you want more help on netmasks, that's beyond the discussion here. I had to Google for it with keywords "squid and netmask" because tinyproxy and Squid use the same kind of "Allow" statement.
10. Now save your tinyproxy.conf file.
11. Type:
sudo cp /usr/share/tinyproxy/default.html /usr/share/tinyproxy/default.html.ORIGINAL
sudo gedit /usr/share/tinyproxy/default.html &
12. Now you see an HTML page. The reason I took you here is because this is the template page one sees when they have violated the proxy and gone somewhere they should not have. By default, this page is fairly ugly, and, frankly, confusing for young eyes to see. If you know a little HTML, edit this file to make it less confusing for children. Just note that this HTML is special in that it cannot load images -- it's just text you can put in here. Also watch out for the {} statements -- these are fillers that get filled in by the proxy. Now save the file when done.
13. Type:
sudo gedit /etc/tiny*/filter &
14. Now you're editing the filter file. In this part, it's actually pretty hillarious. I don't recommend you let anyone see you type this. You have to think up all the vile keywords on the planet that are not part of another word. For instance, if you look closely at the word "grapes", there's a vile word in there. The same with "advertisement" if you look close enough. So you can't filter on those kinds of vile words (that are inside "advertisement" and "grapes".) However, you can filter on other vile words. So, you can only use keywords that are not part of some other word. That discussion is beyond the discussion of this forum. And hey, if you don't have to type this vile list, but can find it on the Internet and download it, then that's your choice and will probably save you the hassle. You can also put in stuff like "http://www.dontgohere.com" for sites like "dontgohere.com" when you don't want users going there. When done, save the file.
15. Now we bounce the tinyproxy by doing:
sudo /etc/init.d/tinyproxy restart
sudo gedit /etc/crontab &
(Note it's a space after "tinyproxy" and before "restart".)
16. In crontab, add this line to bounce the tinyproxy at night so that you can kill any chance of a memory leak and make it run faster:
0 22 * * * root /etc/init.d/tinyproxy restart
Note that I did a
17. Now go to your kid's home PCs and change the settings in them so that they use this proxy. In my firefox, that's under a button in the Preferences dialog called "Connection Settings". Just point it to your IP address of the Linux proxy and set the port to 8888. I wouldn't bother with anything except HTTP proxy. Don't bother with SSL, FTP, all SOCKS, etc. Test this with yourself, first, of course, and see how it works. Note that your spouse might not like this proxy with amazon.com, ebay.com, or her banking sites, so you might want to put exceptions in the browser settings to not use the proxy when visiting these sites.
18. Note when you have to change your filter file, you have to restart the tinyproxy by doing:
sudo /etc/init.d/tinyproxy restart
19. When you want to debug what's going on, or simply to check up on your kids browsing habits, look in:
sudo /var/log/tinyproxy.log
20. Note that you can edit the log level to make it less verbose -- just read the info on that in your tinyproxy.conf file.
No comments:
Post a Comment