1

I have the following connections in my house:

https://docs.google.com/drawings/d/1W_kC40Z64U8EY3szAM3wnLO9w1OOOQUifdEE--webGM/edit?usp=sharing

Shows the internet connection coming in, a physical cable going into the router, and then all computers connecting to the router using a wireless connection.

I want all internet traffic to go through a proxy so I can add some control. I have children and want to add some control to the internet connection which isn't possible from the router directly.

So I was thinking about setting up a simple router, maybe in the form of a raspberry pi? to become a router, which I think means the above diagram will change into something like this:

https://docs.google.com/drawings/d/1CvELFeNi5R8gTJsG9q1eLNCD2b_Qm4r_F1m93uFdUhc/edit?usp=sharing

My question is, is such a setup possible? i.e. using a raspberry pi as a router which connects to the router using a physical cable, and then all devices connect to the internet going through the raspberry pi, which should allow me to install some software in some sort of debian distro installed in the raspberry pi's sd card to monitor and control internet traffic?

Improve this question

1 Answer 1

Reset to default
1

Yes, such a setup is possible. If you have a DD-WRT or Open-WRT based router, you may be able to configure its firewall to limit access to a separate server running the proxy or filter. I don't know how much traffic the Rasberry can handle. Depending on how much traffic the household generates, this may not be a problem. If it can't a second-hand computer should be able to handle the load more or less the same configuration.

I have configured Squid as both a transparent and non-transparent proxy. To filter traffic you can use a DNS solution like OpenDNS to block names and or web/content filter to block content. HTTPS did not work over the transparent proxy, but works well over the non-transparent proxy with limited logging. Most proxies will have logs that can be scanned to review which sites (URLs) were visited by whom.

If you can use firewall rules, I would add the proxy as separate device. If not you will need to implement much of the routers functionality in the proxy. If the router is attached to a Modem, then you should be able to put the proxy between the router and the network. This will make the hardware requirements for the proxy simpler.

One issue I did run into is that a number of sites run on non-standard ports. If you can live without then (quite likely), then you can limit the proxy to the HTTP (80) and HTTPS (443) ports.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .