Hello, I’ve been trying to find any information I can when it comes to this topic;
I’m really thinking about ditching paying the 50$ yearly cost for the home edition of untangle; and moving to pfSense.
My question is does pfSense allow the type of configuring like untangle? Where you can set tags for example:
KID - Blocks porn, social media, ads,
ADULT - Doesn’t block anything but ads, and malware sites etc.
e2guardian but it is not a simple install on pfsense because it is not a official package.
Also as thigs progress to encrypted traffic, you may need to create certificates and install those on clients to do man in the middle inspection, there are menu choices to set up the filtering this way, but still a bit of back end work to make it function. You can force unencrypted DNS though, then stuff should get trapped in your filters.
There are some options for this in pfBlockerNG using DNSBL but it might not be quite as pretty. You may want to consider using a cloud based DNS service to filter based on category and having a kids network and an adult network with different sets of rules or different DNS servers. You would have to figure out how to block DoH, and pfBlocker does have a number of resources for that (lists and DNSBL SafeSearch), as well as redirecting outbound DNS and DoT ports so they are served by your server or maybe just blocked altogether.
Remember though that a motivated kid will always find a way around so dont expect it to replace good parenting (I say this as someone with kids so I know).
I found this helpful: https://support.opendns.com/hc/en-us/articles/227988027-How-to-prevent-users-from-circumventing-OpenDNS-using-firewall-rules