cost of hiring someone to setup a squid proxy and webcontent filter with a mikrotik

J

jamezjunk

Well-Known Member
Joined
Mar 17, 2009
Messages
320
Hello, any thoughts on what it would cost to hire someone to install a transparent squidproxy as well as a dansguardian like solution for webcontent filtering?

i work with a school with limited bandwidth that is wanting to block heavy downloads and track heavy users as well as disable acccess to certain content that is more robust than what OpenDNS can do. I could probably figure it out myself with online tutorials, but don't have the time so wanting to hire someone to do it. I don't know how much work it takes. I have all the hardware, just need someone who knows how to do it and can explain the ins and outs.

Also where would be a good place to look for someone that could do that that is reputable around southern suburbs of Capetown? Thanks.
 
AstroTurf

AstroTurf

Lucky Shot
Joined
May 13, 2010
Messages
30,534
jamezjunk said:
Hello, any thoughts on what it would cost to hire someone to install a transparent squidproxy as well as a dansguardian like solution for webcontent filtering?

i work with a school with limited bandwidth that is wanting to block heavy downloads and track heavy users as well as disable acccess to certain content that is more robust than what OpenDNS can do. I could probably figure it out myself with online tutorials, but don't have the time so wanting to hire someone to do it. I don't know how much work it takes. I have all the hardware, just need someone who knows how to do it and can explain the ins and outs.

Also where would be a good place to look for someone that could do that that is reputable around southern suburbs of Capetown? Thanks.
Click to expand...

If you want a nice set and forget system, contact kerio control for School pricing. http://www.kerio.com/products/kerio-control/pricing
 
AlphaJohn

AlphaJohn

Honorary Master
Joined
Sep 10, 2012
Messages
14,636
Why not do it yourself.

Install something like PFsense and use OpenDNS?

PFsense can do the transparent proxy with a simple tick and OpenDNS as your DNS and you can limit who goes where, they even have Preset selections for you.
 
Necropolis

Necropolis

Executive Member
Joined
Feb 26, 2007
Messages
8,401
Transparent proxy won't do much good - it doesn't catch any HTTPS traffic...
 
J

jamezjunk

Well-Known Member
Joined
Mar 17, 2009
Messages
320
AlphaJohn said:
Why not do it yourself.

Install something like PFsense and use OpenDNS?

PFsense can do the transparent proxy with a simple tick and OpenDNS as your DNS and you can limit who goes where, they even have Preset selections for you.
Click to expand...

Thanks, I currently am using opendns, but many are able to get around it with a vpn or changing dns info. I've tried to use the opendns tools to force them to use the opendns settings, but I can still easily log into a vpn and get around it. I am specficially wanting to be able to see which mac addresses are using high levels of bandwidth that doesn't require manually assigning IPs as we want people to be able to easily get online without a hassle, but just limit some of the heavy badndwidth sites like youtube, porn, and also be able to follow up, or shut off the internet if we find anyone is a very heavy user.
 
J

jamezjunk

Well-Known Member
Joined
Mar 17, 2009
Messages
320
AstroTurf said:
Yep...
Click to expand...

Thanks didn't know that.

what would be the best option then to be able to track what mac address is downloading heavily. I want to be able to keep the network open and easily accessible for all guests, students and staff, but be able to tell if some have found a way to download heavily and be able to block them or heavily shape them. If they are abusing the line, I would just block them and force them to bring their computer in to unblock it. Any thoughts on the easiest solution? I am currently using opennds, but some are clearly getting around it. Thanks for the help.
 
AlphaJohn

AlphaJohn

Honorary Master
Joined
Sep 10, 2012
Messages
14,636
jamezjunk said:
Thanks, I currently am using opendns, but many are able to get around it with a vpn or changing dns info. I've tried to use the opendns tools to force them to use the opendns settings, but I can still easily log into a vpn and get around it. I am specficially wanting to be able to see which mac addresses are using high levels of bandwidth that doesn't require manually assigning IPs as we want people to be able to easily get online without a hassle, but just limit some of the heavy badndwidth sites like youtube, porn, and also be able to follow up, or shut off the internet if we find anyone is a very heavy user.
Click to expand...

Thats where the PFsense firewall come in to play. Block anything out except for 80, 25, 110 or what you want to use and only allow 53 to opendns.
 
Necropolis

Necropolis

Executive Member
Joined
Feb 26, 2007
Messages
8,401
AlphaJohn said:
Thats where the PFsense firewall come in to play. Block anything out except for 80, 25, 110 or what you want to use and only allow 53 to opendns.
Click to expand...

I'd use the PFsense box as the DNS server - and point it @ OpenDNS - set all machines on the network to use the PFSense box and block anything other than the PFSense box from accessing port 53.
 
J

jamezjunk

Well-Known Member
Joined
Mar 17, 2009
Messages
320
AlphaJohn said:
Thats where the PFsense firewall come in to play. Block anything out except for 80, 25, 110 or what you want to use and only allow 53 to opendns.
Click to expand...

Thanks, never used pfsense before. Does it provide the option to sort bandwidth usage in a week by highest user sorted by mac address? most only do IP which is not hepful where DHCP can be easily reassigned. Also, would it have the option of identifying which mac address is attempting to access heavy streaming sites?
 
Peon

Peon

Expert Member
Joined
Sep 28, 2006
Messages
3,666
IPfire, mikrotik accounting and Ntop. Have it sorted for a school I manage.
 
S

syntax

Executive Member
Joined
May 16, 2008
Messages
8,656
jamezjunk said:
Thanks, never used pfsense before. Does it provide the option to sort bandwidth usage in a week by highest user sorted by mac address? most only do IP which is not hepful where DHCP can be easily reassigned. Also, would it have the option of identifying which mac address is attempting to access heavy streaming sites?
Click to expand...

Is there no authentication mechanism? AD / LDAP / Radius
If not it wouldnt be particularly hard to setup, each user gets their own login credentials and you track usage based on that.
Far easier than MAC or IP based
 
J

jamezjunk

Well-Known Member
Joined
Mar 17, 2009
Messages
320
syntax said:
Is there no authentication mechanism? AD / LDAP / Radius
If not it wouldnt be particularly hard to setup, each user gets their own login credentials and you track usage based on that.
Far easier than MAC or IP based
Click to expand...

Thanks, but I don't want to require people to set up a username and password, I want it as simple to long into as possible.
 
You must log in or register to reply here.
Top