Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Scheduled Force Safe Search Google, Bing and Youtube

    Documentation
    2
    2
    2735
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • X
      xchaz last edited by

      I am excited to share this guide on how to force safe search Google, Bing and Youtube with your desired scheduled time. Some contents was copied from this post https://forum.pfsense.org/index.php?topic=112335.0 and improvised. This is very useful when you own an internet cafe or internet shops or just for personal use. Because you can avoid the underage children from viewing bad images/videos/websites by mistake on search engines during peak hours. The script will only trigger and activate if its not active, and deactivate if its active. Functions like a light on/off switch.

      This is my first post by the way.

      This looks easy, but I spent several months to figure this out. Because I find Squid + SquidGuard (safe search) is NOT effective anymore since last year. And I don't like to force safe search this whole day, because some of my customers wants HAPPY HOUR  ;D.

      Prerequisites: You should install a Cron package and use DNS Resolver. This will NOT work on DNS Forwarder.

      Step 1: Writing the code and the script.

      Creating files:

      • SSH to your pfsense

      • Press 8

      • tpye: cd /var/unbound

      • tpye: vi forecegoogle.conf

      • (leave blank for now)

      • save (wq)

      • tpye: cd /tmp/

      • tpye: vi forecegoogle.conf

      • (leave blank for now)

      • save (wq)

      • tpye: cd /root/

      • tpye: vi unbound_check.sh

      • (leave blank for now)

      • save (wq)

      Writing the contents:

      • Go to Diagnostics/Edit File

      • Click Browse

      • Click tmp folder

      • Now you should see a file called forecegoogle.conf, click it

      Copy and paste the following

      local-data: "www.youtube.com A 216.239.38.119"
      local-data: "m.youtube.com A 216.239.38.119"
      local-data: "youtubei.googleapis.com A 216.239.38.119"
      local-data: "youtube.googleapis.com A 216.239.38.119"
      local-data: "www.youtu.be A 216.239.38.119"
      local-data: "www.youtube-nocookie.com A 216.239.38.119"
      local-data: "www.bing.com A 204.79.197.220"
      local-data: "www.google.ad A 216.239.38.120"
      local-data: "www.google.ae A 216.239.38.120"
      local-data: "www.google.com A 216.239.38.120"
      local-data: "www.google.com.af A 216.239.38.120"
      local-data: "www.google.com.ag A 216.239.38.120"
      local-data: "www.google.com.ai A 216.239.38.120"
      local-data: "www.google.al A 216.239.38.120"
      local-data: "www.google.am A 216.239.38.120"
      local-data: "www.google.co.ao A 216.239.38.120"
      local-data: "www.google.com.ar A 216.239.38.120"
      local-data: "www.google.as A 216.239.38.120"
      local-data: "www.google.at A 216.239.38.120"
      local-data: "www.google.com.au A 216.239.38.120"
      local-data: "www.google.az A 216.239.38.120"
      local-data: "www.google.ba A 216.239.38.120"
      local-data: "www.google.com.bd A 216.239.38.120"
      local-data: "www.google.be A 216.239.38.120"
      local-data: "www.google.bf A 216.239.38.120"
      local-data: "www.google.bg A 216.239.38.120"
      local-data: "www.google.com.bh A 216.239.38.120"
      local-data: "www.google.bi A 216.239.38.120"
      local-data: "www.google.bj A 216.239.38.120"
      local-data: "www.google.com.bn A 216.239.38.120"
      local-data: "www.google.com.bo A 216.239.38.120"
      local-data: "www.google.com.br A 216.239.38.120"
      local-data: "www.google.bs A 216.239.38.120"
      local-data: "www.google.bt A 216.239.38.120"
      local-data: "www.google.co.bw A 216.239.38.120"
      local-data: "www.google.by A 216.239.38.120"
      local-data: "www.google.com.bz A 216.239.38.120"
      local-data: "www.google.ca A 216.239.38.120"
      local-data: "www.google.cd A 216.239.38.120"
      local-data: "www.google.cf A 216.239.38.120"
      local-data: "www.google.cg A 216.239.38.120"
      local-data: "www.google.ch A 216.239.38.120"
      local-data: "www.google.ci A 216.239.38.120"
      local-data: "www.google.co.ck A 216.239.38.120"
      local-data: "www.google.cl A 216.239.38.120"
      local-data: "www.google.cm A 216.239.38.120"
      local-data: "www.google.cn A 216.239.38.120"
      local-data: "www.google.com.co A 216.239.38.120"
      local-data: "www.google.co.cr A 216.239.38.120"
      local-data: "www.google.com.cu A 216.239.38.120"
      local-data: "www.google.cv A 216.239.38.120"
      local-data: "www.google.com.cy A 216.239.38.120"
      local-data: "www.google.cz A 216.239.38.120"
      local-data: "www.google.de A 216.239.38.120"
      local-data: "www.google.dj A 216.239.38.120"
      local-data: "www.google.dk A 216.239.38.120"
      local-data: "www.google.dm A 216.239.38.120"
      local-data: "www.google.com.do A 216.239.38.120"
      local-data: "www.google.dz A 216.239.38.120"
      local-data: "www.google.com.ec A 216.239.38.120"
      local-data: "www.google.ee A 216.239.38.120"
      local-data: "www.google.com.eg A 216.239.38.120"
      local-data: "www.google.com.et A 216.239.38.120"
      local-data: "www.google.fi A 216.239.38.120"
      local-data: "www.google.com.fj A 216.239.38.120"
      local-data: "www.google.fm A 216.239.38.120"
      local-data: "www.google.fr A 216.239.38.120"
      local-data: "www.google.ga A 216.239.38.120"
      local-data: "www.google.ge A 216.239.38.120"
      local-data: "www.google.gg A 216.239.38.120"
      local-data: "www.google.com.gh A 216.239.38.120"
      local-data: "www.google.com.gi A 216.239.38.120"
      local-data: "www.google.gl A 216.239.38.120"
      local-data: "www.google.gm A 216.239.38.120"
      local-data: "www.google.gp A 216.239.38.120"
      local-data: "www.google.gr A 216.239.38.120"
      local-data: "www.google.com.gt A 216.239.38.120"
      local-data: "www.google.gy A 216.239.38.120"
      local-data: "www.google.com.hk A 216.239.38.120"
      local-data: "www.google.hn A 216.239.38.120"
      local-data: "www.google.hr A 216.239.38.120"
      local-data: "www.google.ht A 216.239.38.120"
      local-data: "www.google.hu A 216.239.38.120"
      local-data: "www.google.co.id A 216.239.38.120"
      local-data: "www.google.ie A 216.239.38.120"
      local-data: "www.google.co.il A 216.239.38.120"
      local-data: "www.google.im A 216.239.38.120"
      local-data: "www.google.co.in A 216.239.38.120"
      local-data: "www.google.iq A 216.239.38.120"
      local-data: "www.google.is A 216.239.38.120"
      local-data: "www.google.it A 216.239.38.120"
      local-data: "www.google.je A 216.239.38.120"
      local-data: "www.google.com.jm A 216.239.38.120"
      local-data: "www.google.jo A 216.239.38.120"
      local-data: "www.google.co.jp A 216.239.38.120"
      local-data: "www.google.co.ke A 216.239.38.120"
      local-data: "www.google.com.kh A 216.239.38.120"
      local-data: "www.google.ki A 216.239.38.120"
      local-data: "www.google.kg A 216.239.38.120"
      local-data: "www.google.co.kr A 216.239.38.120"
      local-data: "www.google.com.kw A 216.239.38.120"
      local-data: "www.google.kz A 216.239.38.120"
      local-data: "www.google.la A 216.239.38.120"
      local-data: "www.google.com.lb A 216.239.38.120"
      local-data: "www.google.li A 216.239.38.120"
      local-data: "www.google.lk A 216.239.38.120"
      local-data: "www.google.co.ls A 216.239.38.120"
      local-data: "www.google.lt A 216.239.38.120"
      local-data: "www.google.lu A 216.239.38.120"
      local-data: "www.google.lv A 216.239.38.120"
      local-data: "www.google.com.ly A 216.239.38.120"
      local-data: "www.google.co.ma A 216.239.38.120"
      local-data: "www.google.md A 216.239.38.120"
      local-data: "www.google.me A 216.239.38.120"
      local-data: "www.google.mg A 216.239.38.120"
      local-data: "www.google.mk A 216.239.38.120"
      local-data: "www.google.ml A 216.239.38.120"
      local-data: "www.google.com.mm A 216.239.38.120"
      local-data: "www.google.mn A 216.239.38.120"
      local-data: "www.google.ms A 216.239.38.120"
      local-data: "www.google.com.mt A 216.239.38.120"
      local-data: "www.google.mu A 216.239.38.120"
      local-data: "www.google.mv A 216.239.38.120"
      local-data: "www.google.mw A 216.239.38.120"
      local-data: "www.google.com.mx A 216.239.38.120"
      local-data: "www.google.com.my A 216.239.38.120"
      local-data: "www.google.co.mz A 216.239.38.120"
      local-data: "www.google.com.na A 216.239.38.120"
      local-data: "www.google.com.nf A 216.239.38.120"
      local-data: "www.google.com.ng A 216.239.38.120"
      local-data: "www.google.com.ni A 216.239.38.120"
      local-data: "www.google.ne A 216.239.38.120"
      local-data: "www.google.nl A 216.239.38.120"
      local-data: "www.google.no A 216.239.38.120"
      local-data: "www.google.com.np A 216.239.38.120"
      local-data: "www.google.nr A 216.239.38.120"
      local-data: "www.google.nu A 216.239.38.120"
      local-data: "www.google.co.nz A 216.239.38.120"
      local-data: "www.google.com.om A 216.239.38.120"
      local-data: "www.google.com.pa A 216.239.38.120"
      local-data: "www.google.com.pe A 216.239.38.120"
      local-data: "www.google.com.pg A 216.239.38.120"
      local-data: "www.google.com.ph A 216.239.38.120"
      local-data: "www.google.com.pk A 216.239.38.120"
      local-data: "www.google.pl A 216.239.38.120"
      local-data: "www.google.pn A 216.239.38.120"
      local-data: "www.google.com.pr A 216.239.38.120"
      local-data: "www.google.ps A 216.239.38.120"
      local-data: "www.google.pt A 216.239.38.120"
      local-data: "www.google.com.py A 216.239.38.120"
      local-data: "www.google.com.qa A 216.239.38.120"
      local-data: "www.google.ro A 216.239.38.120"
      local-data: "www.google.ru A 216.239.38.120"
      local-data: "www.google.rw A 216.239.38.120"
      local-data: "www.google.com.sa A 216.239.38.120"
      local-data: "www.google.com.sb A 216.239.38.120"
      local-data: "www.google.sc A 216.239.38.120"
      local-data: "www.google.se A 216.239.38.120"
      local-data: "www.google.com.sg A 216.239.38.120"
      local-data: "www.google.sh A 216.239.38.120"
      local-data: "www.google.si A 216.239.38.120"
      local-data: "www.google.sk A 216.239.38.120"
      local-data: "www.google.com.sl A 216.239.38.120"
      local-data: "www.google.sn A 216.239.38.120"
      local-data: "www.google.so A 216.239.38.120"
      local-data: "www.google.sm A 216.239.38.120"
      local-data: "www.google.sr A 216.239.38.120"
      local-data: "www.google.st A 216.239.38.120"
      local-data: "www.google.com.sv A 216.239.38.120"
      local-data: "www.google.td A 216.239.38.120"
      local-data: "www.google.tg A 216.239.38.120"
      local-data: "www.google.co.th A 216.239.38.120"
      local-data: "www.google.com.tj A 216.239.38.120"
      local-data: "www.google.tk A 216.239.38.120"
      local-data: "www.google.tl A 216.239.38.120"
      local-data: "www.google.tm A 216.239.38.120"
      local-data: "www.google.tn A 216.239.38.120"
      local-data: "www.google.to A 216.239.38.120"
      local-data: "www.google.com.tr A 216.239.38.120"
      local-data: "www.google.tt A 216.239.38.120"
      local-data: "www.google.com.tw A 216.239.38.120"
      local-data: "www.google.co.tz A 216.239.38.120"
      local-data: "www.google.com.ua A 216.239.38.120"
      local-data: "www.google.co.ug A 216.239.38.120"
      local-data: "www.google.co.uk A 216.239.38.120"
      local-data: "www.google.com.uy A 216.239.38.120"
      local-data: "www.google.co.uz A 216.239.38.120"
      local-data: "www.google.com.vc A 216.239.38.120"
      local-data: "www.google.co.ve A 216.239.38.120"
      local-data: "www.google.vg A 216.239.38.120"
      local-data: "www.google.co.vi A 216.239.38.120"
      local-data: "www.google.com.vn A 216.239.38.120"
      local-data: "www.google.vu A 216.239.38.120"
      local-data: "www.google.ws A 216.239.38.120"
      local-data: "www.google.rs A 216.239.38.120"
      local-data: "www.google.co.za A 216.239.38.120"
      local-data: "www.google.co.zm A 216.239.38.120"
      local-data: "www.google.co.zw A 216.239.38.120"
      local-data: "www.google.cat A 216.239.38.120"
      

      SAVE

      • Click Browse

      • Click the Home icon button

      • Click root

      • Now you should see a file called unbound_check.sh, click it

      Copy and paste the following

      #!/bin/sh
      
      if grep "local-data" /var/unbound/forecegoogle.conf > /dev/null
      then
      	rm /var/unbound/forecegoogle.conf && touch /var/unbound/forecegoogle.conf
      	response="Deactivated"
      else
          cp /tmp/forecegoogle.conf /var/unbound/
      	response="Activated"
      fi
      	PID=`(cat /var/run/unbound.pid)`
      	kill $PID
      	sleep 2
      	unbound -c /var/unbound/unbound.conf #reload DNS resolver
      	sleep 2
      	/etc/rc.filter_configure  #reload filter
      	echo $response
      

      SAVE

      Step 2: Setting Up

      • Go to Services/Cron

      • Add

      • (Trigger active force safe search every 8AM in the morning)

      • 0 8 * * * root /root/unbound_check.sh

      SAVE

      • Add

      • (Trigger deactivate force safe search every 10PM in the evening)

      • 0 22 * * * root /root/unbound_check.sh

      SAVE

      • Go to Services/DNS Resolver/General Settings

      • (In "custom option" enter)

      server:
      include: /var/unbound/forecegoogle.conf
      

      SAVE

      Step 3: Testing and application

      • Go back to your Shell

      • tpye: chmod 775 /root/unbound_check.sh

      • tpye: chmod 444 /tmp/forecegoogle.conf

      • tpye: /root/unbound_check.sh

      • (it should return "Activated")

      • (Wait at least 1 minute for the DNS Resolver to flush and restart)

      • Go to your browser in Private mode or Incognito mode

      • Now do a search in Google, Bing and Youtube.

      • You should see "Safesearch on" on Google.

      • Go to Youtube and scroll down, you should see "Restricted Mode: On

      • Go back to your Shell

      • tpye: /root/unbound_check.sh

      • (it should return "Deactivated")

      • (Wait at least 1 minute for the DNS Resolver to flush and restart)

      • Now do a search in Google, Bing and Youtube.

      • You should NOT see "Safesearch on" on Google.

      • Go to Youtube and scroll down, you should see "Restricted Mode: Off

      Final note, change the Cron settings as you desire and Activate or Deactivate during peak hours depends on your requirements. ENJOY!

      If you have a more efficient way to do this, I am open for suggestions. Thanks!

      1 Reply Last reply Reply Quote 0
      • K
        kraduk last edited by kraduk

        This post is deleted!
        1 Reply Last reply Reply Quote 0
        • First post
          Last post

        Products

        • Platform Overview
        • TNSR
        • pfSense
        • Appliances

        Services

        • Training
        • Professional Services

        Support

        • Subscription Plans
        • Contact Support
        • Product Lifecycle
        • Documentation

        News

        • Media Coverage
        • Press
        • Events

        Resources

        • Blog
        • FAQ
        • Find a Partner
        • Resource Library
        • Security Information

        Company

        • About Us
        • Careers
        • Partners
        • Contact Us
        • Legal
        Our Mission

        We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

        Subscribe to our Newsletter

        Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

        © 2021 Rubicon Communications, LLC | Privacy Policy