DNS filtering Church project
-
@johnpoz As you said there are many services that can do this but we want to do it ourself because we have very specific content that is not blocked by any paid service like certain YouTube channels wich promotes bulimia, suicide or those that are sexually suggestive without being pornographic. I am not going to name those channels in this way because it goes beyond the scope we want to deal with but I am sure you have seen the channels where some women perform vibrator or dildo performance tests without showing the device on camera. That kind of content is in YouTube and is legal because if you don't show the "thing" there is no problem for YouTube. That kind of content is what we want to block for children under 7 years old when they are using the wifi at home. There is nothing wrong with using a vibrator or dildo but there is a time in life for every experience.
-
As much as I like to use pfSense everywhere I can I'm going to suggest that this is not an application for which it's particularly well suited.
Steve
-
@stephenw10 Anything you can recomend?
-
@hmijares said in DNS filtering Church project:
There is nothing wrong with using a vibrator or dildo but there is a time in life for every experience.
As the others write, this is really a thread mill fight...
The things described above will help reduce your chances of browsing the wrong content, but it’s definitely primarily a function of human character and a good education.
The pfSense can help a lot in prevention, but currently nothing provides a perfect solution.
At least I don’t know that,......... I say you wouldn’t have that kind of content on the web......if there was a perfect solution to this...Plus, with our new browser horror, we’re going in an even worse direction, like DOH (insanity)
-
@DaddyGo This is exaclty what we are looking for to "reduce your chances of browsing the wrong content," you nail it
-
I would start out looking at Pi-Hole which is designed specifically for this but at a small scale. It may not be suitable directly.
How many users do you expect at any one time? Do you need some sort of filtering so only members can access it?
Steve
-
@DaddyGo And the fact that youtube is youtube. You can't really pick and chose. You get it all or get kids youtube if, and only if, you use that app. I think there is is more harm than good from trying to hide reality than from facing it squarely and developing the skills needed to exist in an imperfect world.
-
@jwj I have to said again I'm not here to discuss the moral but the technical aspect of the project. Moral is out of the scope of this consultation. So I'm going to kindly ask you to stop repliying to my posts as you are no adding any value to the technical aspect. Thanks in advance!
-
@hmijares Why can't you understand that you can't filter in the way you say you want to. Given that you must look to other ways to accomplish your objective.
-
@hmijares said in DNS filtering Church project:
This is exaclty what we are looking for to "reduce your chances of browsing the wrong content," you nail it
I suggest you get into it and try pfSense (pfBlockerNG-devel + Unbound (DoT + DNSSEC) + CloudFlare 1.1.1.3 + good BLKs)
and we'll see....++++edit:
https://developers.cloudflare.com/1.1.1.1/1.1.1.1-for-families+++edit2:
possibly an external Pi-Hole on Raspbery as the primary but external DNS provider for pfSense
(note I don't like Pi-Hole)
but it's worth a try, at least we can discuss which is better ... -
Randomly chosen. This does seem to be buzz word compliant for what the OP wants.
https://www.safedns.com/en/safe-internet-for-nonprofits/
-
@jwj Ok no problem in that but as an administrator you have to be able to separate you moral from the technical aspects of a question. I think this forum is for techical aspects of pfsense am I right? Your personal opinion about the moral aspects is not relevant and if you are an administrator you sould know that. I guess you job is to moderate about tech not philosophy.
Have a good day and get yourself together bro if you want to moderte you need to separate your beliefs from your knowledge.
-
@DaddyGo I'll try thanks all for you kindness have a good day
-
@jwj said in DNS filtering Church project:
Randomly chosen. This does seem to be buzz word compliant for what the OP wants.
A lot of people and company do that, but it’s always suspicious to me because that’s when your DNS flows through them.
I like to be relatively independent....Think of the AVAST scandal = the "real website feature "and sold the collected IPs
Well, there is privacy too. -
@hmijares said in DNS filtering Church project:
I'll try thanks all for you kindness have a good day
It was an interesting conversation, we look forward to seeing the results again if you feel like ...
Have a good day.
-
@DaddyGo Doesn't matter. He just wants a quick, easy, answer to his question. He can figure out what service he wants to dump money into and then spend all the rest of his time trying to play wack-a-mole for content he finds unacceptable. The internet is unacceptable to everyone in some way. Go off the grid is the only way to avoid that reality.
-
@jwj said in DNS filtering Church project:
The internet is unacceptable to everyone in some way.
That's a fact, but as a sysadmin we always have to meet a little bit for everyone.
I just have to say it's hard ... -
@DaddyGo Do you think, reading between the lines, that he would be better with a tightly curated whitelist? Might be the straightest line to what will be an imperfect solution no matter what.
-
@jwj said in DNS filtering Church project:
Do you think, reading between the lines
You see it's possible that it would work better ...
To hide everything and then just let what you want to be visible ...but this cannot be applied to Youtube internal content, so it can only reduce the headache...
let’s not forget also have a lot of serious content on Youtube (books, science, IT, etc.)
-
@DaddyGo Yeah, he's going to have to give up on youtube, at least for the youngest demographic in his user population. 5 year olds don't contextualize things. For the older ones he can't avoid the non-technical issues. It's a fools folly to think he can.
He could also spend money on end-point filtering and just not even try to do it at the network level. If he is determined to spend money he could spend a lot of it doing that.
-
@jwj said in DNS filtering Church project:
It's a fools folly to think he can.
It can't go perfectly for anyone
-
This post is deleted!