Third party cookies may be stored when visiting this site. Please see the cookie information.

Learn Linux Index

Getting started

The Linux shell and command line programs

System administration

Networking

Servers

Virtual machines

Web development

Programming

Other links


Kidsafe filter configuration

This is a guide to configuring a client computer adding new rules to the KidSafe Internet filter software and proxy server onto the Raspberry Pi. For instructions to installing the Kidsafe proxy see: Guide to installing KidSafe family proxy on the Raspberry Pi.

All client computers that are to be protected need to be configured to access through the proxy server. This can be configured on most computers using the general Internet settings, or in this case I've configured it directly within the Firefox settings.

configuring Firefox to use the squid proxy server - kidsafe family filter

The client needs to be provided with the static IP address of the proxy server and the default port is 3128.

The exclude list needs to include the address of the proxy server or a subnet including the network address range (as in the screenshot). Some browsers do not have the option to exclude network ranges (eg. Midori), in which case it may be necessary to use a different browser to login if using restricted login lists. Once logged in it is possible to go back to using the preferred web browser.

Rules are normally added by using the Website blocked page when the site is first accessed. The parent (username 'admin') would add the rules. It's also possible for another adult user (username 'adult') to be able to provide temporary access to a user without adding a new rule.

Adding an allow rule

The following uses the username: admin password kidsafe. Other username / password combinations are included in the database.txt file.

In this example a child has come access a link to the website www.firstaidquiz.com. The default rules do not allow any sites by default so gives the blocked site page.

blocked website

At this point the child would call over a parent who can add this to the allow rules.

add a rule to kidsafe

Using the Add new rule section we add the site to provide access to. This can be a full server address, a domain prefixed with a period '.' to match on any sites in that domain or a regular expression.

The appropriate group should be selected in the "Add to" pull-down list. In this case allow-everyone will allow access to any users without needing to login.

The time can be set to only allow this for a certain period of time, or can be set to 'Always' to add this permanently.

The parent will then use the admin username and password to add the rule.

Add a new rule to kidsafe family Internet filter

There will be confirmation that the rule is added and a link to continue to the original website.

The requested website can now be accessed.

First Aid Quiz website accessed through the kidsafe proxy

Adding a site which requires a login

In this second example we are going to add a site that needs login authentication. In this case I've chosen the social networking site Facebook, which would not be suitable for younger children, but can be accessed by teenagers and adults.

The blocked page is presented when the user first accesses the site.

Website blocked by Internet filter - facebook.com

Once again we use the "Add new rule" option, but this time I've set the allow field to "allow-teens". I've also included an optional comment.

Adding access to facebook.com through a family Internet filter

After confirmation that the site has been added clicking on the link once again shows the blocked.php page.

This is normal behaviour as the user must be logged-in using the teenager or above login.

Logging on to the kidsafe Internet proxy

Logging on to the kidsafe Internet proxy

After logging in the user can now access www.facebook.com, but there appears to be a problem.

Logging on to the kidsafe Internet proxy

We can now access the pages at www.facebook.com, but the page hasn't loaded correctly. This is because like some other websites the site is actually spread across several different pages.

This is a fairly common problem, which can be fixed by looking at the logs and adding the appropriate rule directly. The logs are accessed using
sudo tail -f /var/log/squid3/kidsafe.log
This will view the log file in the follow mode so that you can watch as new entries are added.

From version 0.2.0 or later you can also view the log from the dashboard. Go to the website on the proxy server /kidsafe/index.php and click on the dashboard link.

Checking the kidsafe Internet proxy logs for blocked sites

In this case we can see lots of REJECTs against two servers in the akamaihd.net domain. We can go to the webpage kidsafe/addrule.php to add this rule directly.

Adding an included site to the kidsafe Internet proxy

In this case I've added to the entire domain using .akamaihd.net as the host entry.

Accessing Facebook social network site through the kidsafe Internet proxy

Logged in users (teen and above) can now access Facebook.

Previous KidSafe family proxy on the Raspberry Pi
KidSafe family proxy on the Raspberry Pi
Next Configuring kidsafe on an Android Tablet
Configuring kidsafe on an Android Tablet