I’ve been using Linux, in various shapes and sizes, for well over 8 years now and I’m still impressed by the sheer flexibility of the OS.
It’s a web server, it’s a router, it’s a firewall, it’s a desktop, it’s a recovery tool, it’s a geeky thing to put on your iPod. In short, it is all things to many people. That’s what I love about using Linux. Just when you think you’ve got it licked, suddenly there’s a new way to use and abuse the power of complete configuration freedom.
Case in point: Some of our users at work were abusing our good natured benevolence in letting them browse what ever websites they pleased. All they had to do was self-police. “Keep the personal stuff to lunch breaks, eh?” was the phrase we muttered. Well, blow me down with a feather if they weren’t disregarding our request.
What we needed was a way to restrict users to certain sites at certain times. Blocking it with our Windows Server 2003 wasn’t an option as to do that it was an all or nothing affair. Unacceptable. Purchasing ISA Server also wasn’t an option as it’s expensive and would take too long to sort out via the official channels. We needed a solution and we needed it now.
Enter an old PC we were about to throw away, 2 NIC’s and Linux. Placing the linux box in between the Windows Server (which acted as the gateway for the rest of the network) and our router as a bridge, plus some jiggery pokery with Squid and Shorewall, I managed to get a transparent proxy with timed ACL’s up and running within 2 hours. It literally slotted in and not a single configuration change was required on the whole network.
I love the smell of hotmail-blocking in the morning!
Chris Boulton | 27-Sep-05 at 11:10 am | Permalink
So now all you have to do is wait for the complaints to roll in about people not being able to access the websites “they should be able to access”. Then you’ll hav the excuses as to why they should be able to.
Once you deal with that, all will be well. :P
I’ve setup a similar implementation, along side government proxy filtering, to block some 1,200+ students from accessing websites that their school doesn’t want bandwidth wasted on (Hotmail being the prime candidate too ;))
So anyway, just stumbled upon this place via your welcome message in #wordpress.. I must say, the pink is certainly different and interesting. Looking good.
Chris
Splee | 27-Sep-05 at 11:20 am | Permalink
The great thing is, we haven’t had a single complaint. I’ve been fairly easy on what sites they can’t access (ebay, hotmail, gmail, betting sites, etc) so when they get the message “Access Denied” they know that complaining about it will only show they were one of the offenders. :D
Thanks for the comment on the new design. I was kind of skeptical as I was putting it together, but it really grew on me the nearer the theme came to completion.
Mourn | 08-Oct-05 at 5:33 pm | Permalink
Down with IT Nazis! You guys will be the first up against the wall when the revolution comes!
Forunately in my office of two, we are the IT guys. I often catch myself up to no good during work hours and have repeatedly threatened to block me from the web. However, I always manage to sweet talk my way out of it.
Military Watch Man | 09-Mar-06 at 4:57 pm | Permalink
Looking for bloggs related to military watches and came across your blogg, just thought I would say hello. New to blogging so hope its OK.
ebay/clickbank | 16-Mar-06 at 9:27 am | Permalink
Spot The Best Deals Here !