It is not possible to filter HTTPS (SSL) pages this way (as transparent proxy), recompilation of the packages with SSL support and some more tinkering is required. Tinyproxy can than be configured to (see option Filter) to allow certain pages. To redirect all webtraffic (port 80) to tinyproxy running on the router (whose ip is 172.29.0.1 here): config redirect The kernel timezone is configured in /etc/config/system. The option “–kerneltz” will make the firewall use the kernel timezone instead of the default, UTC. To turn off the internet at certain times: config rule Some pieces are explained in more detail now. The order of the rules is important, as traffic is checked against all traffic until it finds a matching rule. This has the advantage of being able to use the webinterface as well to change the rules. I am sticking to the configuration via /etc/config/firewall, although iptables can be used directly. It has to be enabled so /etc/config/tinyproxy has to be changed to contain option enabled 1 and it has to be started via /etc/init.d/tinyproxy start. Tinyproxy is used to allow access to some defined HTTP sites.
#TINYPROXY CONFIG INSTALL#
For this to work, the WAN port should be connected to the home network with internet access, the to-be-filtered clients can connect via WLAN or LAN.įirst step after connecting via SSH is to install the required software (note: the WR841ND will be pretty full so if you want to install more software, get a bigger model or do some USB tricks): # opkg update & opkg install ipset tinyproxy The internet filter will be set-up between those two, so that every package from the “lan” is checked against a set of criteria and then allowed (or not) to go into the “wan”. The WAN port represents another network called “wan”. In the default configuration, the LAN ports and the WLAN is put together into a virtual network called “lan”. After setting the password, one can configure the device via ssh as user “root”. On first access, the webinterface asks for a password to be set.
#TINYPROXY CONFIG HOW TO#
the TP-Link WR841ND or its bigger brother TP-Link WR1043ND (moar power!).Īfter following the wiki pages on where to download and how to install the firmware, OpenWRT boots on the router. It is an open linux plattform for various WLAN routers, e.g. If course, primarily this should be handled by talking to the kids and trust! And im not promoting monitoring!Ī technical filter solution can be implemented with OpenWRT (15.05 and up). Therefor, when some content should to be blocked from somebody (e.g.