Limiting web browsing on LTSP terminals

Running Linux
cover
Amazon | Powells
IndieBound

With LTSP, all applications run on the server. This is great for the low maintenance involved: install an application program once, and it is available immediately on all terminals.

However, some times you may want to discriminate between different terminals. For example, you may want to restrict web browsing at one terminal or another.

Because the browsers run on the server, all outgoing HTTP connections come from the same machine. This means you cannot just restrict by IP address. You need a finer grain of control, by X display.

There is no easy perfect solution for this problem. The best solution would be to have two different terminal servers, and have the two classes of terminals connect to the appropriate server.

I’ll describe my hack attempt to solve this problem. My approach was to set browser proxy settings based on the X display.

First, you must decide how you want to limit the browser. In my case, I created two browser proxy configure scripts, which are usable by Netscape, Mozilla, Opera, and Internet Explorer browsers.

Script for allowing internet access: “proxy.pac”

function FindProxyForURL(url, host) { if (isPlainHostName(host)

Mac on Linux

Mac on Linux is a software package for Linux running on a PowerPC processor. It will allow you to run MacOS in a virtual machine.

It is similar in concept to VMWare GSX, where the disk images are stored in the host’s file system but the guest VM screen is not tied to the host’s screen.

Hardware

I’m running it on an old Power Computing PowerCurve Mac clone. It has been upgraded to a 225MHz PPC 604 CPU and 128MB ram.

Software

Submitted by amillar on Sun, 2004-02-01 21:01