Today, thanks to the Internet we can easily and quickly, and usually without any restriction, access to information of any topic. This means even the youngest in the family can get into any website anytime and this can be a problem when the child is in front of the computer all day.

For this reason, this PSA offers the parents the possibility to manage the times and websites which are allowed or blocked.

The list of capabilities are (extracted from manifest):

• Filtering_L7: Allows to filter the traffic
• Timing: Allows to set the time interval the rule is operative.

The internal used technologies are:

• Squid
• iptables
• ebtables
• jq

"father;no_authorise_access;Internet_traffic;(type_Content,gambling);"

• This rule forbids the traffic to the contents like gambling

"father;no_authorise_access;Internet_traffic;(specific_URL,www.upc.edu)"

• This rule forbids the traffic to an specific url. In this case to www.upc.edu

If you find any issue please contact us.

The Parental Control PSA pretends to offer the possibility to block all the traffic the user wants to block. The most clear example is the father who wants to manage the websites his child can access to. This PSA allows to manage the time interval in the day a concret website (or more than one) is available also.

The PSA acts like a transparent proxy managed by Squid.

VM technology allows creating a full system for the PSA. The components used in this PSA are:

• Operative System: Debian 7 "wheezy"
• iptables
• ebtables
• brigde-utils
• squid3
• jq

There are no extra requirements apart from the correct user configuration passed to the PSA.

There are several components in the internal architecture:

• Inspect and route traffic. ebtables is used to set up rules to inspect Ethernet frames between eth0 and eth1 and force the traffic to be routed instead of being just bridged. By this, the traffic will be routed through the Squid proxy.

• Filter the traffic. Squid check all the traffic, blocking it if the user configuration indicates it must be blocked.

There are no rules

There are no needed certificates

The procedure to create a valid PSA image from scratch start with the prerequisite instructions defined in PSA Developer guide to obtain a valid base image for PSA.

Install the software Squid:

sudo apt-get install squid3

Copy the necessary files of this project in the folder:

$HOME/phytonScript/

This PSA supports the mobility scenario.

If you find any issue please contact us.

No extra files required.

PSA is based on a Virtual machine image in KVM- kernel module format ".qcow2". A sample image has been included in the project.

• XML

The PSA manifest in format XML is available at Manifest. This file must be stored in the PSAR. And reflects the capabilities described below.

• JSON The PSA manifest is available at Manifest.

The HSPL format is defined as follows:

• D4.1 format:

father;no_authorise_access;Internet_traffic;(type_Content,gambling); father;no_authorise_access;Internet_traffic;(specific_URL,www.upc.edu)

• More friendly:

Father does not authorise access to this type the type of content gambling

Father does not authorise access to the url www.upc.edu

The MSPL can be found here

The M2l plug-in is available at M2LPlugin

This plugin do not need additional external information in this version that must be store in the PSAR.

The list of capabilities are (extracted from manifest):

• Filtering_L7: Allows to filter the traffic
• Timing: Allows to set the time interval the rule is operative.

Testing scripts are available at test folder

Please refer to project LICENSE file.

This software incorporates Squid and it is open source software licensed under the GNU GPL.

• Application: UPC
• MSPL: POLITO,UPC
• M2L Plugin: UPC

• Tests