I'm a Linux beginner and not too familiar with all of the ins-and-outs of how IPsec VPNs work. I am a tech person and am comfortable getting into my box via SSH and messing around, because I know how to recover if I totally break something.
Here's my dilemma: I live in a remote area with no cell service but good internet, so I have an AT&T Microcell Device to get cell reception in my house. The AT&T device once powered on, fires up an IPsec tunnel to AT&T and that's how it communicates with their network. Putting the "Porn" block rule on this device does no good due to the tunnel, my kids are at that age, and switching off of WiFi and using the AT&T device to watch porn on their phones.
I know that there are ways to decipher the IPsec packets using tcpdump on the box with certain switches in the command. Is there anything I can do inside the firewall box using linux programs to decipher on the fly, maybe write tcpdump dump for the ATT devices IP address to a log, decipher packets, allow/deny based on a text file list, and then forward to the ATT device as the packets are incoming to the network, and then delete the log every few minutes so I don't run out of space? Pretty desperate here.
Please sign in to leave a comment.