Convert an old Pentium PC to a site filtering firewall

I have several old Pentium PCs that are gathering dust.  I realize I could use Smoothwall to convert one of these old PCs to a firewall.  But what I really want to see in a firewall is site filtering.  Smoothwall does not appear to support such a feature.  That is, the ability to block access to adult web sites.  The filtering can be primitive, such as building a blacklist by inputing keywords that would block user access to the site if the keyword appeared in a URL.

Is this possible?

I realize that hardware firewall solutions exist out there, but they often charge $25 per month for this service, but this seems like overkill for my needs.

Suggestions?
SofttechAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

rsivanandanCommented:
Based on your budget you could get Surfcontrol or Websense and both of them does a great job. But they come for a price.

Now if you want to turn those pcs and use it your own way then a start can be like have that PC configured as a Proxy Server and make all your internal machine go through the proxy for browsing. Then you basically build your hosts file with what you want to allow and what you don't.

Say one day you decide not to allow any outgoing connections to www.yahoo.com; then go to your Proxy Server and add the following in your hosts file;

127.0.0.1 www.yahoo.com

So because of the bad DNS resolution, the end user won't be able to get to it. Also you can start with a prebuilt hosts file which blocks a lots of unwanted sites (http://www.mvps.org/winhelp2002/hosts.htm)

Go get it and you should be on your way...

Cheers,
Rajesh
SofttechAuthor Commented:
>> you could get Surfcontrol or Websense and both
>> of them does a great job. But they come for a price.

I'd rather not have to pay for a monthly subscription.  Plus, we have numerous PCs on our LAN, and we want protection on all.  Buy commercial apps on all the PCs will cost even bigger $$$'s, which is what I'm trying to avoid.

>> Now if you want to turn those pcs and use it your own way then a
>> start can be like have that PC configured as a Proxy Server and
>> make all your internal machine go through the proxy for browsing.

That's won't work since I don't want to block web sites based upon their domain names.  I want to block web sites based upon the URL passed to a web browser.
rsivanandanCommented:
I don't think you have a free one available which will do something like that.

Cheers,
Rajesh
SD-WAN: Making It Work for You

As bandwidth requirements and Internet costs grow, businesses naturally want to manage budgets by reducing reliance on their most expensive connection types. Learn more about how to make SD-WAN work for your business in our on-demand webinar!

giltjrCommented:
Squid (http://www.squid-cache.org) a free proxy server can do this.  You can configure it with black and white lists.  Free download, runs on Linux.

I am running it on a PIII 400 Mhz with about 300 MB.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
rsivanandanCommented:
Can it allow browsing based on the URL passed to it? I mean instead of domain name?

Cheers,
Rajesh
giltjrCommented:
It can block/allow based on a full or partial HOST name.  Example:  http://www.notallowed.com

You could block based on any of the following:

  www.notallowed.com
  www
  not
  allowed
  com
  talo

well you get the idea.
rsivanandanCommented:
Oh cool. I guess this is what the author is looking for exactly.

This should serve his purpose.

Cheers,
Rajesh
SofttechAuthor Commented:
>> I guess this is what the author is looking for exactly.

Well, perhaps...

I'm not crazy about the idea of having to install a new OS on this PC.  That just adds a new level of complexity.  Also, there's a difference between a firewall (Smoothwall) and a proxy server.  One being I've never set up a proxy server before.

rsivanandanCommented:
Softtech,

   We are here to offer help whatever we know. Now, whatever we suggest here is definitely going to involve some study in there, right? Also remember Firewall is not designed for what you are asking for. You need to rely on other softwares out there.

   Most of the people go for commercial software for the reason that the websites to this globe add-up like crazy and those commercial guys does the job of adding *good* and *bad* sites to the database for whoever pays for it.

  So to be exact as in your own words, "there is a difference between a firewall and a proxy server". Every software that is designed to filter web traffic is doing Proxy and not firewalling. I hope you understand.

Cheers,
Rajesh
giltjrCommented:
Well, if you are into doing reseach and learing this could help you a lot.

Smoothwall is really a pre-packaged Linux OS, so if you used Smoothwall you would be installing Linux anyway.

I have not used Smoothwall, but most (not all but most) Linux based firewalls are really just based on iptables and they give you a customized and easy to use GUI interface to configure iptables.  I just looked at it and it has a webproxy, it could be Squid, it may not be.  

True a proxy is not a firewall, but a Linux box with a proxy server on it can be configured to be a firewall.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.