Metered HTTP Proxy? 138
Jon asks: "My brother-in-law has three teenage daughters. The only thing that he has to hold over their head is being online. I am trying to find him an HTTP proxy server that has metering built in. I started with Squid which has the authentication stuff in it but we would like something where we could allocate minutes, like some of the WiFi stuff you encounter at a hot spot."
Got the same problem here... (Score:4, Interesting)
- need to be able to limit each daughter to e.g. 1Gb of traffic. Once they hit that, bzzt, no more Internet access till next month. After that, they can either experience the joys of 28kb/s downloading or grovel at someone's feet to let them browse under another login id
- each daughter needs to be able to check how much Internet "allowance" she has left
- need to be able to limit use to a specific period of the day. With holidays coming up, I don't want them to be sitting in their rooms all day chatting... Ideally, I'd be able to block out individual sites (e.g. MSN) while leaving other stuff untouched
- need to be able to block out the most noxious sites. For some reason, teenage girls can't seem to resist downloading crapware if it calls itself "PicOfGoodCharlotte.exe" or something similar...
Yep, I'm aware that I could set up something that does most/all of this, but frankly there's not enough hours in the day at present to do so.
Re:Got the same problem here... (Score:5, Funny)
You sir, have made my day.
Re:Got the same problem here... (Score:2)
(ducks cow dung thrown from middle of fscking nowhere...)
Re:Got the same problem here... (Score:2)
OPTED
Re:Got the same problem here... (Score:2)
Re:Got the same problem here... (Score:3, Funny)
Re:Got the same problem here... (Score:2)
This is easy. Install linux, put mozilla on it with maybe the flash plugin if you're feeling generous.
Re:Got the same problem here... (Score:2)
Of course, extensions and plugins and easily be added within
Re:Got the same problem here... (Score:2)
In a corporate environment, you'd at most see 1 in 200 people who might try that.
Re:Got the same problem here... (Score:2)
Re:Got the same problem here... (Score:1, Troll)
Re:Got the same problem here... (Score:1)
If your ISP caps your download, I can see the point of that. But if not, why would you limit them? It's not as if storage is expensive any more. Limiting their downloads for a spurious reason is an incredibly shitty thing to do.
And reducing them to 28.8k? The only word I can think of to describe that is "lame."
I can understand why parents what to censor their kids' time
Re:Got the same problem here... (Score:1)
Maybe they'll just go to the local $evil_person (drugdealer, pimp, vb-coder, terrorist, choose one) and grovel at his err... feet...
You never know.
Re:Got the same problem here... (Score:1)
The only problem I see here is that you may have multiple computers, which may be the case, but I don't see it mentioned in the initial post. If that's the case, the whole situation bec
Occam's Razor (Score:4, Insightful)
I don't think so. There are a lot simpler carrots and sticks available, in order of decreasing importance to the average teenage girl:
1) Telephone privs - no cell phone for you
2) Grounding - no hanging out at the mall for you
3) Allowance - no buying the latest MTV-hyped fad product for you
4) Television privs - no watching MTV-hyped commercials-as-content for you
5) Driving privs - no freedom to move about for you
6) Food - no bulemia practice for you
Re:Occam's Razor (Score:3, Insightful)
Re:Occam's Razor (Score:2)
Either way, cutting off my internet access would only serve to piss me off. Instead of talking on IM all the time, I'd just write a kernel security model or something in my free time.
Either of them would fill up just as much time.
Re:Occam's Razor (Score:2)
I don't think so. There are a lot simpler carrots and sticks available, in order of decreasing importance to the average teenage girl:
1) Telephone privs - no cell phone for you
...
While I'm sure there's some variance on this, I'd be willing to wager that IM has knocked out the phone as the most important thing. Sure, it's not the only thing, but judging from the kids at the school where I teach, IM is the major lifeline. After all, why talk with just one friend when you can "talk" with 20 at the s
Re:Occam's Razor (Score:1)
Re:Occam's Razor (Score:2)
Not just girls, these are pretty gender neutral.
1) Telephone privs - no cell phone for you
Fine, I'll just go put on my raincoat, hop on my bike and ride to one of this city's many phone booths with a closing door when I need the phone. They stay warm year round, are sheltered and have a light. (I have done this, and I had friends that stashed a 25-pound portable compu
Re:Occam's Razor (Score:1)
Eleven.
One to unscrew the light bulb and put a new one in, and
ten to keep away all those Californians wishing to share the experience.
Re:Occam's Razor (Score:2)
Eleven. One to unscrew the light bulb and put a new one in, and ten to keep away all those Californians wishing to share the experience.
No shit. I really wish most of those bastards would spend lots of money and then remember to leave when they're done visiting.
Resourcefulness and Independence (Score:2)
Re:Occam's Razor (Score:2)
There is no such thing as a chick that is too old to spank.
Of course, that still doesn't address the punishment issue...
How 'bout using a low-tech timer ... (Score:2)
Low tech, but works.
P.S. Blocking sites is a never-ending battle IMHO - Corporations (with dedicated IT teams) can't keep up with the spammers. I'd just review their surfing history occasionally and ask 'em about it.
Re:How 'bout using a low-tech timer ... (Score:2)
OpenBSD's Authpf (Score:3, Informative)
Have you considered OpenBSD's Authpf? Here's the description [openbsd.org] and man page [openbsd.org].
It runs on an OpenBSD firewall (which may be a pain for you; not sure what you've got installed already).
Anyway, what it does is it prevents packets from flowing UNLESS the user has authenticated to the firewall via an ssh session. From there, the packets are tagged as belonging to the user, and you can deal with a particular user's packets as you wish (prioritize, block, redirect, etc).
If you could apply standard login controls (amount of time, time of day, etc), then you can effectively limit access to the internet with the same granularity...
Re:OpenBSD's Authpf or an equivalent (Score:2)
Start clean and extensible. I advize you to follow jhealys advise - start at the network layer. You're gonna lose the turn-key soho router in favour of a custom firewall/router. Network metering will be ip/mac specific/box specific but you can incorporate some authentication aspect.
Try looking for something on Freshmeat [freshmeat.net] or Google [google.com]
Re:OpenBSD's Authpf or an equivalent (Score:2)
Re:OpenBSD's Authpf or an equivalent (Score:2)
Re:OpenBSD's Authpf or an equivalent (Score:2, Informative)
So if OpenBSD is a firewall box, you control the incoming packets on the internal NIC--redirect all incoming port 80 to 3128: squid as transparent proxy. http://www.benzedrine.cx/transquid.html
Re:OpenBSD's Authpf or an equivalent (Score:2)
Re:OpenBSD's Authpf or an equivalent (Score:2)
Re:OpenBSD's Authpf (Score:1)
Re:OpenBSD's Authpf (Score:1)
Re:OpenBSD's Authpf (Score:1)
Re:OpenBSD's Authpf (Score:1)
Oh, I see now: your post was just a troll. No educated geek actually believes that BSD is dying out. Even if Microsoft did finally stop running their dinky little hotmail service on FreeBSD (I hear it took them 3.1 tries to get it to run on NT
Why? (Score:5, Insightful)
Re:Why? (Score:2)
Re:Why? (Score:3, Interesting)
You wouldn't literally be forcing them to code something
Re:Why? (Score:3, Informative)
Re:Why? (Score:5, Insightful)
My parents divorced when I was very young, and shareed equal custody. They both had very different parenting styles. My father was very strict, trying to micro-manage every aspect of my and my step-siblings lives. We were allowed 20 minutes a day on the computer, not one second left. We were allowed exactly 3 phone calls a night, each one up to 10 minutes in length, not one second over. We were not allowed to talk to anyone on the phone, visit and internet sites, or read any books without his review and approval. The list goes on.
My mother, on the other hand, took a much more "live and let live" style of parenting. If I wanted to do something, then I did it, and if I made a bad decision then I had to deal with the consequences, she was there to help guide me and to grow up and find my own sence of what was right and wrong, and to learn the difference between good and bad decisions, but she left it up to me in the end. If I wanted to watch some violent or sex filled movie, or play some violent video game, or read some edgy book, then I could- of course she was also there to talk to me about it and provide a context for what I was seeing.
Of course, when I was with my father I never cared about his rules, other than as something to get around. When I was with my mom on the other hand, I genuinely tried to make decisions that would not dissapoint her. Sure if I were talking on the phone for a minute longer than I was supposed to at my fathers I would be grounded for a month, and I think I could have gotten arrested and my mother wouldn't have done anything other than have a talk with me, but I cared that my mother was dissapointed in me, and that's what made the difference.
Sure I might have developed a few bad habbits because my mom would let me do what I wanted, but in the end I think that I am much better off for her style of parenting.
Re:Why? (Score:2)
Do you want me to call your parents to tell them to stop you reading Slashdot?
Re:Why? (Score:1)
So, basically, because you were a lazy asshole with no self-control, every parent in the world should apply those standards to their kids?
Am I reading this right? You "feel all kinds of regret and spite" because YOU were incapable of getting off YOUR tushy? Your parents should have forced you to do something like that, instead of treating you as a rational and competent human being?
Growing up, I spent a lot of time on the Internet. I also:
Re:Why? (Score:2)
hijacking an ask slashdot because you dont agree with or understand the need is both offtopic and rude.
seems like all of the comments so far are more of what you have offered: UNconstructive criticism.
Get off your high horse (Score:2)
Re:Why? (Score:1)
Cause we're nerds! (Score:1)
"The only thing..." (Score:2, Insightful)
Re:"The only thing..." (Score:1, Redundant)
Why (Score:2)
Re:"The only thing..." (Score:4, Insightful)
I'm glad we have such an expert on how to treat people like human beings.
So please enlighten us. How is limiting access to the internet to a reasonable amount of time (depending on the PARENT's standards/values/beliefs) not treating them like human beings?
If your child sat in front of the TV every waking moment they weren't forced to do something else, you would, I hope, limit their access. It's the same situation with computers in many cases. It's interactive, and possible to do many different things with the computer where the TV may be more limited, but if they're on the computer 8 hours a day and you don't consider it a problem then it will become a huge problem for them later in life.
Guaranteed.
As far as using the internet as a 'carrot', what about that do you really object to? Do you believe that children always make good choices with no parental influence? Do you believe choices children make don't affect their entire life? I certianly believe in letting them make their own decisions, but I'm going to curb them if they start going down a path I disagree strongly with, and I'll especially block them as much as possible if they start making decisions which will change their lives in a bad way.
Some decisions, made as children, have major lifelong consequences. It's better, in my opinion (and far easier!), to have lots of little nudges in the right direction constantly than to try to force several huge changes occasionally.
Personnally I prefer the carrot approach, rather than the stick, in helping my children make good choices.
Lastly, are you suggesting that animal mistreatment is acceptable? Why would you suggest that instead of parenting classes, if you honestly thought there was a problem?
-Adam
Re:"The only thing..." (Score:1, Interesting)
You're not in the right mindset to respond to this guy's post. When he says that the children should be treated like human beings, he's really saying, ``what right do you have to oppress these people?'' While anyone sane knows that it's a parent's job to raise their children correctly, eric.t.f.bat doesn't see it so. In
Re:"The only thing..." (Score:2)
Not only that, but with more and more places charging for bandwidth overage, maybe he's trying to make damned sure that with a network of computers one kid doesn't get to download 10x the entire family's allotment of bandwidth all in one go.
Cheers
Re:"The only thing..." (Score:1)
So please enlighten us. How is limiting access to the internet to a reasonable amount of time (depending on the PARENT's standards/values/beliefs) not treating them like human beings?
limiting the amount of time spent on the net is a perfectly reasonable parental thing to do, even used as a carrot. However, the grandparent mentioned non-technical alternatives. As in, instead of having a router automatically determine that they've used their X hours of net time for the day and shut them down, you sugges
Re:"The only thing..." (Score:3, Interesting)
I can kind of see your point - you're saying that it is better that a kid has the ability to break the rules without actually being limited to following the rules. That kind of makes sense.
So the follow up question is ... exactly as the original question, except that rather than limiting, just tallying and reporting?
Note that part of a parent's job is to socialise their child(ren) as to how the world works. Since it was originally pointed out how some WiFi hotspots already do this, then that's how the w
Re:"The only thing..." (Score:2)
this is becoming way too common.
KISS (Score:5, Funny)
"Get off the computer. Now."
If you were on the computer when you weren't supposed to, the phone cord from the computer to the wall would dissappear. Eventually they found the phone cord I bought at the hardware store, then the damn wall jack dissappeared.
Re:KISS (Score:1)
The only thing that he has to hold over their head (Score:3, Insightful)
Wow. That's quite the predicament. The only thing he can do as reward/punishment is control their net access. The. Only. Thing.
Makes one yearn for the good old days, when a parent was able to say "no" to borrowing the car, going on a date, purchasing the latest trendy thing, watching television, or assigning extra chores.
Re:The only thing that he has to hold over their h (Score:2)
Re:The only thing that he has to hold over their h (Score:1)
IIRC, the last scene was them denying him kitchen privileges.
Not so far from the truth of some families.
8-PP
NoCatAuth starting point. (Score:2)
Try using this (Score:1)
http://www.netams.com/ [netams.com]
He will do much better by acquiring a vertabra (Score:2, Funny)
Re:He will do much better by acquiring a vertabra (Score:2)
Suggestion (Score:4, Informative)
First, if it's just time restrictions, you can probably use your router's features. My router's setup page lets me block access from an IP range to a port range between a time range; I've used this to block a spam daemon on my mom's computer from getting to port 25 [yes, this blocked normal e-mail], or to block myself from wasting time past 7PM.
Barring that, I'd suggest writing your own server, or getting someone to do so for you. An HTTP server and a client are not hard to write; I wrote them in about a week of classtime each (got bored in my programming class). Or you can simply put a Perl script together that uses standard modules. Once you have a client and a server, it's a simple matter to tie them together, totaling the number of bytes transferred into a variable/disk file.
On a completely unrelated and stupid-sounding idea: does Apache stop serving when it can't write to log files? If so, just make it log proxy requests to a floppy disk.
Re:Suggestion (Score:1)
Why metering? (Score:2, Insightful)
However, metering them x hours per day of usage or x GBs of IO doesn't seem practical. It could lead to many arguments and hair splitting about how much they were really on.
I mean, how do you measure it? Do I measure the time a socket is connected? If they open the NYtimes and walk away from their desk, they will eat up their meter. Do I measur
What if they are not just wasting time? (Score:2, Insightful)
Re:What if they are not just wasting time? (Score:2)
<tongue-in-cheek>
Well if you wouldn't be on the PC so damn much you wouldn't have to pull late nites to get your projects done.
</tongue-in-cheek>
Seriously: the poster did not tell he wanted to set a "static limit" for internet access. He just want a means to be able to enforce a "contract" on internet tim
perhaps not perfect (Score:3, Informative)
http://www.akrontech.com/
Pull the Plug (Score:1)
Re:Pull the Plug (Score:1)
How is it that we manage to overlook the simplest solution? Passive parenting is a trend I do not agree with.
Re:Pull the Plug (Score:2)
in that case... (Score:2, Insightful)
apache+mod (Score:2)
CBQ should be mandatory! (Score:2)
So that you can say
"Prioritise this IP(and/or port), if not then share bandwidth equally"
Would a managed switch at least share bandwidth fairly?
I have CBQ on my smoothwall box but I'm finding it baffling - it should work but it isn't and so forth.
A default script that shares bandwidth equally would do everyone wonders.
I can't believe people are still walking into `the other room` and saying "Can you stop that download please?"
It should be built into every connecti
who's fault is that? (Score:3, Insightful)
How great is it going to be when... (Score:1)
That'll teach 'em!
Re:How great is it going to be when... (Score:1)
I was going to say:
There are much worse things than being online.
For instance: pregnant.
stupid question but... (Score:2)
1) grounding
2) no telephone
3) no driving priveledges
4) no allowance
5) no working
there's also the obvious "unplug them from the router". maybe a little
MAC address filter script (Score:2)
Unplugging the WAN cord on the router works too but is more indiscriminate.
How about plain old fashioned parenting? (Score:2, Insightful)
hahah! (Score:1)
Try InetShaper (Score:1)
Teenagers aren't dumb. (Score:2, Funny)
Dont put anything past teenagers. They're alot
smarter than most people give them credit for.
My oldest will have CCNA before he graduates HS.
Re:Teenagers aren't dumb. (Score:1)
Re:Teenagers aren't dumb. (Score:1)
Same need here, too... (Score:3, Insightful)
I work from home semi-regularly, and my broadband connection is my lifeblood at those times. For a variety of reasons, the in-laws visit fairly regularly. My father-in-law doesn't travel anywhere without his laptop, and since he's without broadband where he lives, he takes every opportunity to suck my connection dry by downloading every latest Linux ISO image he can find -- which really blows when I'm trying to get serious work done. I'd really love to be able to throttle his bandwidth down to sub dial-up speeds during my normal working hours.
(Ok, before everyone starts pinging me for not to him about it: I DID. HE DIDN'T GET IT.)
Re:Same need here, too... (Score:3, Informative)
2) Use bandwidth control on your firewall (My internet gateway runs FreeBSD, IPFW, pipe and queue, and I give small outbound packets priority over outbound large ones, AND limit the outbound large packets to a certain bandwidth so that externals downloading stuff from my machine don't affect MY downloads and other network stuff much - this is because many of the important outbound packets
Re:Same need here, too... (Score:2)
Except it isn't teenage girls. It's my father in law.
Ditto. My Father-in-law keeps coming around to use our broadband, they live two blocks away and he has a key. He does at least have the courtesy to call first.
Allow acces between certain times (Score:1)
Write two firewall configuration files. One allows access to the MACs of the teenagers ( the liberal file); the other blocks them (the restrictive file). Run 2 cron jobs to swap these (by renaming them so one is not regognised). At a certain time every day one cron swaps in the liberal script; later the other cron swaps in the restrictive one. You may also ha
Squid and Python maybe the answer... (Score:1)
Create a simple tcp server using sockets in python that let's you login and a client to go with it:
a. Initially, the python server disables all the users in the squid acl.
b. When you login using the client, the server authenticates you and checks in a text file to see whether you are there and how much time you have left, based on which it enables-disables your accesss by changing the squid ACL.
c. It can run every few minut
Ohh do i feel sorry (Score:1)
something else to hold over their heads (Score:2)
WOW. (Score:1)
Squidguard (Score:1)