I want to restrict access to all websites outside of a list of allowed domains. (localhost, superuser.com, stackoverflow.com, etc.) I would like this to be applied system-wide and to be browser agnostic.
How do I set this up?
These things can be done,
HowToGeek OpenDNS reference .
Squid Proxy Server On Ubuntu 9.04 Server
with DansGuardian, ClamAV, And WPAD (Proxy Auto-Detection).
A host-based firewall should work.
Unfortunately, the Windows XP firewall does not support outbound filtering .
The firewall software in Windows XP was simple and rudimentary and protected incoming traffic only, blocking any inbound connections that had not been initiated by your computer - and it was turned off by default. Service Pack 2 turned it on by default and made it possible for administrators to enable it via Group Policy.
But, other firewalls will probably allow you to control outbound connections.
Typically, I have seen application based control (rather than port or domain based) in Windows based firewall tools. However, there may be other forms (here is a quick reference to some Windows free and trial firewall apps ). Others may have more information on this.
If the users do not need administrative rights,
setting up that way will not allow them to change your configurations.
Any third-party application will probably also prohibit configuration changes by non admin users.