The only internet I have is an “unlimited” plan from AT&T. Most of the time, past my cap, it’s 120kbps.
Barely usable, so I want to use pfSense to block Microsoft shit like updates, spying and security from ever pinging outside the network for any reason at all.
Second I need to set up caching so I don’t have to RELOAD the same YouTube ads and website pages
Now here’s my problem
I don’t have any wifi cards except for the integrated one in my laptop.
So I either need to have USB tethering working in pfSense or have my laptop’s wifi antenna both act as an AP AND connect to my internet phone’s hotspot AP.
I have my internet phone for hotspotting, it’s in the one location I get signal in the house permanently, then I have my laptop, and then my daily phone.
I know zilch about Linux and I could use some help
Squid reverse proxy + cache on the pfSense box for caching HTTP.
Also take into consideration:
Pihole will be more effective for blocking the microsoft stuff (and ads).
Run it on an actual Raspberry Pi, Docker, or an old computer and set it to be the DNS server for your pfSense (or current router). Use pfSense or your current router to block all DNS traffic that is not coming from the pihole to ensure it’s doing its job.
Blacklist for Microsoft on pihole:
My raspberry pi is locked up in my mom’s storage unit that she has yet to pay for :I
Do you have a separate box for pfSense or are you running it on a VM on your laptop?
Super cheap not cheap enough?
Hmmm, might need the W version for wireless which will be more than the $5 version.
I was just going to dedicate the laptop to pfSense, Sandy Bridge doesn’t age well if it’s not on an SSD.
Would it be possible to load up win7 on it, USB tether, then run pfsense in a VM under 7?
No job at the moment, I gotta get my feet fixed and that could take months
Well, it will make for a super fun network config, but you could run a pfsense VM and point your devices to that cache/dns/pfblocker instance…
So everyone still joins the hotspot to give a network fabric, but then they manually point to the pfsense kvm/vm/virtualbox for dns and perhaps default route…
It sounds like you will really only have one or two things connected to your pfsense / hotspot. You could use two VMs one for pfsense one for pihole. That would be using your existing hardware, so no extra cost.
Since it sounds like you are running a very slow connection and you don’t have many devices there is not much concern for network performance being hit by the virtualization. I would not worry about the caching as fewer and fewer things are being served http.
Squid would be more useful for caching windows / app updates if you are serving more than 5 computers really.
There’s either a plug-in or something you can do and it makes squid cache https
I’ll have to Google for it again but that’s what the guide claimed
And I really need caching for YouTube ads more than anything
You can do it, in pfsense I think you have to use the dev version of squid but I haven’t played with it in a while. It’s generally more trouble than it’s worth especially if you are the only user. Caching https also removes your ability to verify certificates on the sites you visit, so keep that in mind.
I have no idea how well squid will cache YouTube ads but if I had to guess it would be somewhere between not at all and not very well.
While pihole may be easier to use for blocking Microsoft stuff, you can also do it in pfSense with the pfblocker package and its DNSBL.
This may help with the windows updates
I do suggest not outright ignoring them so WSUS Offline will be a necessary tool.
At that bandwidth, just phoning home to MS tanks it
+1 on doing this in one VM. A thin client would really be your friend here imo, but if budget is zero, it is what it is.
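
An added example, not code from any poster in this thread: one way to check the advice above about blocking all DNS traffic that does not come from the pihole. It audits flow records for clients that send DNS anywhere except the Pi-hole. The record format, the addresses and the subnet are assumptions constructed for the example; adapt the parsing to whatever your firewall logs actually look like.

```python
import ipaddress
from collections import defaultdict

# Assumed values for illustration; replace with your own addressing.
PIHOLE = ipaddress.ip_address("192.168.43.10")
LAN = ipaddress.ip_network("192.168.43.0/24")
DNS_PORTS = {("udp", 53), ("tcp", 53), ("tcp", 853)}  # plain DNS and DNS-over-TLS

# Constructed sample records, one flow per line: "src dst proto dport action"
SAMPLE_FLOWS = """\
192.168.43.21 192.168.43.10 udp 53 pass
192.168.43.10 198.51.100.53 udp 53 pass
192.168.43.21 203.0.113.53 udp 53 block
192.168.43.22 198.51.100.53 tcp 853 pass
192.168.43.22 203.0.113.53 udp 53 pass
192.168.43.21 198.51.100.80 tcp 443 pass
garbage line
"""

def audit_dns(flows_text):
    """Map each LAN client to the DNS flows it sent to anything but the Pi-hole."""
    bypass = defaultdict(list)
    for line in flows_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed records instead of crashing
        src_s, dst_s, proto, port_s, action = parts
        try:
            src = ipaddress.ip_address(src_s)
            dst = ipaddress.ip_address(dst_s)
            port = int(port_s)
        except ValueError:
            continue
        if (proto, port) not in DNS_PORTS:
            continue
        if src == PIHOLE or src not in LAN:
            continue  # the Pi-hole's own upstream lookups are expected
        if dst == PIHOLE:
            continue  # client is using the Pi-hole as intended
        bypass[src_s].append((dst_s, proto, port, action))
    return dict(bypass)

def leaking_clients(flows_text):
    """Clients with at least one bypass flow that the firewall passed."""
    found = audit_dns(flows_text)
    return sorted(c for c, hits in found.items()
                  if any(action == "pass" for *_, action in hits))
```

A client listed by `leaking_clients` means the block rule is missing or too narrow. DNS-over-HTTPS rides on port 443 and will not show up in a port-based check like this one.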