Monday, February 14, 2011

Content filtering made easy

There are quite a few options on the market to filter web content, like pornography, but most of these require either a server setup or some other time spend configuring files that is totally overkill for a normal household network.

Most of us have a router/modem and a couple of PC's that connect to this.
Here is a very easy method to filter you online experience!

  • OpenDNS
    Get yourself the free account at OpenDNS.
    Once you have created the account it will guide you through an easy setup where you can choose how to configure your hardware. I suggest choosing the router method, all it requires you to do is to manually change the nameserver or DNS servers in your router/modem to:

    If your router is also acting as the DHCP server, remember to change those DNS/nameserver settings as well!

    Make the required changes in your dashboard, adding and removing filters as you wish and save it.You can now read up a bit on dynamic IP's to educate yourself a bit.
  • DNSomatic
    Now we head on over to DNSomatic. Your account details used for OpenDNS should work here as well.
    Click the "Add Service" to get you started. That is all, I told you it is easy!
    Again you can look around to educate yourself a bit if you are so inclined.

  • ddclient
    Next install ddclient. It should be in your distro repositories so it should be easy to install.
    We only need to edit one file:

    $ nano -w /etc/ddclient/ddclient.conf

    Put the following in there:

    ## DNS-O-Matic account-configuration
    use=web,,      \
    protocol=dyndns2,                  \
    login=your account user name,                 \
    password=your password                 \

    Change only the username and password you used to the ones you used to log into the DNSomatic site. You can now manually run ddclient to update your IP, or you can simply add it to a cron job. If you only want to update your IP once every hour (your ISP does not reset your account more often than that), then just do the following:

    $ ln -s /usr/sbin/ddclient /etc/cron.hourly/opendns

    My ISP resets the IP address at irregular intervals, so I had to add this to crontab to get ddclient to run every thirty minutes.

    $ crontab -e
    */30  * * * * /usr/sbin/ddclient

That is it. Try it out to see if your filtering is working and adjust the settings in OpenDNS as you see fit. Happy and safe browsing for the whole family!

The tech savvy users can stop reading now, this section is a bit overboard, but I would like to add it for people who do not want to take any risks while testing to see if everything works like it should.

Testing OpenDNS the safe way

The easiest way to see if it works is to test it by trying to enter a forbidden/filtered site. You will immediately see an OpenDNS error message warning you that this site is being blocked.

To be on the safe side, let me walk you through this without leading you into unnecessary temptation.
In OpenDNS after you have logged in, click on dashboard and then click on settings.
Click on your IP address and under "Manage individual domains" enter a safe site here that you do no mind getting blocked, something like:

Add it and wait around 5-10 minutes for everything to get updated.

Now each time you want to know if ddclient is working without taking risks, just try and access If the normal page displays then your ddclient isn't updating your IP correctly, if it is blocked then you know it is working.

Without getting technical this is a safe way to test and see if it works correctly.

Thanks to shane2peru for the initial writeup.

No comments: