If you promise to read my opinions I promise to share what I'm doing! (Actually I will go either way on this argument depending on the situation, so just bear with me going to the other end of the spectrum you're on. :) > It sounds like they just want to get ride of filtering software, instead of improve it. This issue at hand is how do you mark something as objectional when weather it is objectional or not is objectional. Why, you end up in an inifinite loop my friend. > I was asked to install filtering software, and that is what I am going to do. Sounds like a good idea on paper doesn't it? > Question. Can you get "Adult" books, magazines, or videos from the Library? No. Yes, you can get book with adult themes that are more provocitave than any porn you can find on the internet. But but, you might have to use your imagination! The horror of it all. But no, you won't find simple minded porn, which is enjoyable in it's own way I suppose. > So why do people think they should be able to get simular content from the > Library's Internet connection. Now when it comes to the Internet connection I > pay for, No I would not want it filtered, and I belive that is my right. But at > work, the Library, and School I would expect it to filtered. Well, isn't that what the internet is for? Getting access to information that isn't available at the libiary? If I was doing research and the libiary didn't have a resource I needed, I'd hope I'd be able to find something on the net without getting an access denied type message. > > bla bla bla... I realy do not want this to turn into a big debate Too late! > but I am really interested in what Content > filtering solution I am sure some of you have had to setup. Allright Allright. I know the other side of the argument and it is just as valid. After all, business owners are paying for internet access for business, not so they're employees can look up info on the latest games, porn, or what have you. So here is what I do: We use squid as a proxy, a content controlling proxy, and a cache server. Our firewall rules limit web requests so that they can only come from the cache server, thus forcing everyone to use the squid box to get out to the net. (There are better ways I'm sure, but that is how it was set up when I started at this place, which is by far a better place than I left, as you probally know. :) For content control we use squid block, which is something of a user maintained list of bad sites. It is far from complete, as say, planetquake is blocked yet planetunreal and planethalflife are not. You get the picture I'm sure. Cron jobs update the list from the main sight. ( You should be able to find this off of http://www.squid-cache.org ) "Privliged" users are given a DHCP reservation (excuse the MS term there...) which basically means that the Linux DHCP server always gives the same IP address to the MAC address of a computer. Since most of our computers are in individual offices it isn't too big of a concern, the NT logon log has been able to clear up the few issues we've had. "Unprivliged" users get a dynamic ip. Squid knows what range of IPs are privliged and unprivliged, and those are the only two access levels we have. Privliged level still filters for port and the like (and does a semi-decent job of it, but if sex is part of a legit domains name it will screw up...) Unprivliged IPs are restricted to a list of sites that managment (and myself) decide are necissary for business. Generally this includes shippers sites (UPS, FedEx, etc.), suppliers, sites like windows update and other support related sites, and a few other misc sites that don't fit in to any other catagory. Durring lunch time and after hours, they get the same access as unprivliged sites. For the most part, it works. I think something similar could work in the a libiary situation if some level of web based administration was set up. If squid blocks a site, it should present the user with a page that explans why and a web form to fill out to submit a request for review to the assistants on duty. On this page should also be displayed a list of recently reviewed sites with some easy to understand indicatior of the reviewers opinion (red, yellow, green for simplicity. Red for stay blocked, yellow for certin machines [ie, those not in the children's area] and green for all machines.) The attendents make a immideate judgement call that stands until the next review by some sort of community board. The sites reviewed are reviewed by this body, and changes go into effect and are subbmitted the national database. After another review, the changes are in the national database. The database priority would be something like this: national state county city? libiary/school The more regional levels can override all levels above it. Well, it still isn't a perfect idea, but I feel it's a step in the right direction, espically for the public libiary system where OSS should shine. I'm going to forgo any proofreading, grammer, or spell checks on this e-mail as I am somewhat sick, quite tired, and very cold. My bed with the electric blanket is over riding the filters that would otherwise make me take these actions. (Well, that was a really lame attempt at an example of my system at work wasn't it?) -- | Andrew S. Zbikowski | Home: 763.591.0977 | | http://www.ringworld.org | Work: 763.428.9119 | | http://www.itouthouse.com | PCS: 612.306.6055 | | This message is protected by double ROT13 | | encryption. Any attempt to circumvent the | | digital protection is banned by the DMCA. | -------------- next part -------------- A non-text attachment was scrubbed... Name: andyzib.vcf Type: text/x-vcard Size: 2267 bytes Desc: Card for Andy Zbikowski (Zibby) Url : http://shadowknight.real-time.com/pipermail/tclug-list/attachments/20010119/46757a2f/andyzib.vcf