Difference between revisions of "Parental Control"

From ArchWiki
Jump to: navigation, search
(Whitelist with Tinyproxy and Firehol: Tinyproxy repo package is now compiled with transparent-proxy support, so it can be used as well.)
(OpenDNS Parental Control)
(2 intermediate revisions by the same user not shown)
Line 11: Line 11:
  
 
This program will control the computer usage of your user accounts. You can limit their daily usage based on a timed access duration and configure periods of day when they can log in. The program consist of a daemon which supervises the time allowed for any user, and a client in the traybar, that warns the users about their time running out. Administration is done in a graphical GTK GUI.
 
This program will control the computer usage of your user accounts. You can limit their daily usage based on a timed access duration and configure periods of day when they can log in. The program consist of a daemon which supervises the time allowed for any user, and a client in the traybar, that warns the users about their time running out. Administration is done in a graphical GTK GUI.
 +
 +
==Timeoutd==
 +
 +
Package: {{aur|timeoutd}}
 +
 +
A lightweight alternative to timekpr is timeoutd. It scans /var/run/utmp every minute and checks /etc/timeouts for an entry which matches a restricted user. Restrictions can be done on idle time, login time, maximum time, and time of day.
  
 
==Logkeys==
 
==Logkeys==
Line 27: Line 33:
 
  FilterDefaultDeny Yes
 
  FilterDefaultDeny Yes
 
  Filter "/etc/tinyproxy/whitelist"
 
  Filter "/etc/tinyproxy/whitelist"
{{ic|/etc/tinyproxy/whitelist}} should hold the url-s that will be only allowed accessed by selected users. A silly example:
+
{{ic|/etc/tinyproxy/whitelist}} should hold the url's that will be only allowed accessed by selected users. A silly example:
 
  (www|wiki|static).archlinux.org
 
  (www|wiki|static).archlinux.org
 
  google.com
 
  google.com
Line 33: Line 39:
 
  transparent_proxy "80 443" 8888 "nobody root bin myaccount"
 
  transparent_proxy "80 443" 8888 "nobody root bin myaccount"
 
where myaccount is my account that should no be filtered by Tinyproxy.
 
where myaccount is my account that should no be filtered by Tinyproxy.
 +
==OpenDNS Parental Control==
 +
[http://www.opendns.com/home-solutions/parental-controls/ OpenDNS] provides free DNS services that can be used as alternative to your ISP's default servers. What's more, they provide blacklist filtering capabilities by registering. Different levels of filtering is possible. Read more about it on their home page.

Revision as of 22:03, 17 October 2013

Template:Article summary start Template:Article summary text Template:Article summary end

Timekpr

Homepage: https://launchpad.net/timekpr

Package: timekprAUR

This program will control the computer usage of your user accounts. You can limit their daily usage based on a timed access duration and configure periods of day when they can log in. The program consist of a daemon which supervises the time allowed for any user, and a client in the traybar, that warns the users about their time running out. Administration is done in a graphical GTK GUI.

Timeoutd

Package: timeoutdAUR

A lightweight alternative to timekpr is timeoutd. It scans /var/run/utmp every minute and checks /etc/timeouts for an entry which matches a restricted user. Restrictions can be done on idle time, login time, maximum time, and time of day.

Logkeys

Homepage: http://code.google.com/p/logkeys/

Package: logkeys-svnAUR (The -svn version is recommended. It is stable and includes the latest patch that allows logkeys to work in Archlinux)

This program logs every keypress into a logfile for later inspection. It runs as daemon. The logfile by default resides in /var/log, but it is recommended to move it to an encrypted partition as it will contain every password ever entered in the system. For supervision purposes I recommend using the --no-func-keys option. Also there is some keymaps in the logkeys-keymap-svnAUR package, use them with the --keymap option, this is necessary to log the keys properly if you use a localized non US keyboard.

Whitelist with Tinyproxy and Firehol

The following description will enable you to filter any user's access to the internet with a whitelist of url-s using firehol and tinyproxy (or tinyproxy-gitAUR).

/etc/tinyproxy/tinyproxy.conf consists of the following changes:

FilterURLs On
FilterDefaultDeny Yes
Filter "/etc/tinyproxy/whitelist"

/etc/tinyproxy/whitelist should hold the url's that will be only allowed accessed by selected users. A silly example:

(www|wiki|static).archlinux.org
google.com

/etc/firehol/firehol.conf should contain the following line:

transparent_proxy "80 443" 8888 "nobody root bin myaccount"

where myaccount is my account that should no be filtered by Tinyproxy.

OpenDNS Parental Control

OpenDNS provides free DNS services that can be used as alternative to your ISP's default servers. What's more, they provide blacklist filtering capabilities by registering. Different levels of filtering is possible. Read more about it on their home page.