Blocking iPlayer
in [UK Linux]
|
From: Ian Northeast on 10 Nov 2009 12:33 On Tue, 10 Nov 2009 00:22:48 +0000, Whiskers wrote: > On 2009-11-09, Simon J. Rowe <srowe(a)mose.org.uk> wrote: >> My darling children are very good at burning my 20Gb bandwidth limit in >> a week. I've dealt with youtube by redirecting youtube.com in my DNS >> cache but iPlayer is proving more difficult. >> >> Anyone got a suggestion how I can limit access? >> Simon > > Add http://www.bbc.co.uk/iplayer/ to your hosts file or firewall or your > router's 'block' settings? You can't block a specific URL like this at the DNS or firewall levels. All you could do is block the entire BBC site which is probably not what the OP wants. DNS based blocking is easily circumvented with a little knowledge. As others have said the answer is a proxy server like squid and firewall settings which allow only the squid server to access HTTP(S). I have seen commercial web proxies which require each user to sign on and allow different rules for different users but I do not know if squid or any other open source product can do this. Regards, Ian
From: Tony van der Hoff on 10 Nov 2009 13:27 Martin wrote: > On Tue, 10 Nov 2009 00:22:48 +0000, Whiskers <catwheezel(a)operamail.com> wrote: > >> On 2009-11-09, Simon J. Rowe <srowe(a)mose.org.uk> wrote: >>> My darling children are very good at burning my 20Gb bandwidth limit in a >>> week. I've dealt with youtube by redirecting youtube.com in my DNS cache but >>> iPlayer is proving more difficult. >>> >>> Anyone got a suggestion how I can limit access? >>> Simon >> Add http://www.bbc.co.uk/iplayer/ to your hosts file or firewall or your >> router's 'block' settings? > > or get a non UK IP address and the BBC will do the rest. This seems to me a most extraordinary thread. How about explaining the situation to your kids, and instructing them not to use iPlayer unless you're monitoring them? -- Tony van der Hoff | mailto:tony(a)vanderhoff.org Ari�ge, France |
From: Folderol on 10 Nov 2009 13:57 On Tue, 10 Nov 2009 19:27:44 +0100 Tony van der Hoff <tony(a)nospam.vanderhoff.org> wrote: > Martin wrote: > > On Tue, 10 Nov 2009 00:22:48 +0000, Whiskers <catwheezel(a)operamail.com> wrote: > > > >> On 2009-11-09, Simon J. Rowe <srowe(a)mose.org.uk> wrote: > >>> My darling children are very good at burning my 20Gb bandwidth limit in a > >>> week. I've dealt with youtube by redirecting youtube.com in my DNS cache but > >>> iPlayer is proving more difficult. > >>> > >>> Anyone got a suggestion how I can limit access? > >>> Simon > >> Add http://www.bbc.co.uk/iplayer/ to your hosts file or firewall or your > >> router's 'block' settings? > > > > or get a non UK IP address and the BBC will do the rest. > > This seems to me a most extraordinary thread. > > How about explaining the situation to your kids, and instructing them > not to use iPlayer unless you're monitoring them? Very much my thoughts. Somehow, when my father told us kids not to do something we knew that we'd better not do it! -- Will J G
From: Tony Houghton on 10 Nov 2009 10:51 In <4af97e04$1_1(a)glkas0286.greenlnk.net>, Geoffrey Clements <geoffrey.clementsNO(a)SPAMbaesystems.com> wrote: > "Chris" <ithinkiam(a)gmail.com> wrote in message > news:hdbsit$aeh$1(a)news.eternal-september.org... >> Simon J. Rowe wrote: >> >>> My darling children are very good at burning my 20Gb bandwidth >>> limit in a week. I've dealt with youtube by redirecting youtube.com >>> in my DNS cache but iPlayer is proving more difficult. >>> >>> Anyone got a suggestion how I can limit access? >> >> My children are still a bit young, but in preparation I've done a >> little background reading. From what I've seen, things like squid >> and/or dansguardian should be able to do what you want. >> http://www.squid-cache.org/ >> http://dansguardian.org/ > > I remember looking into this a few years back and the combination of squid > and dansguardian looked promising. I didn't look too deep into it but at the > time it looked like I would have to manipulate iptables to redirect > destination ports 80 and 443 to other ports on localhost. However I was > never sure how I would stop squid from being redirected to itself. The other > problem is that *I* don't want to use the proxy and AFAIK there's no way to > identify users in iptables. > > Setting up the browsers to use a proxy always seemed like a non-starter as > it's easily defeated. > > These days I have a server on 24/7 so I could redirect to this but I don't > like being dependant on having two machines working to get on the www. Using the browser's proxy settings might work if the kids aren't aware of it. It occurs to me it might be worth filing feature requests with Firefox etc to password-protect certain settings. If they are you could still use the browser setting in your own account to use a proxy that bypasses the filtering. That might rely on a second server though, otherwise the redirection on the client machine would apply to the proxy too. -- TH * http://www.realh.co.uk
From: Simon J. Rowe on 10 Nov 2009 14:14
Chris wrote: > My children are still a bit young, but in preparation I've done a > little background reading. From what I've seen, things like squid > and/or dansguardian should be able to do what you want. > http://www.squid-cache.org/ > http://dansguardian.org/ I had considered installing squid and catching it that way. DansGuardian seems to be some sort of frontend but all the links to documentation I try 404. Simon |