Actually these last couple of proposals are a workaround for the fact that we can’t get privoxy’s domain whitelist feature off the ground. This is by far the better solution as we can still update normally but not users visit internet sites by mistake. @Goldstein any luck doing this?
Now @Goldstein add the whitelist instructions to your github page:
In /etc/privoxy/config uncomment the line below and then restart privoxy:
trustfile trust
Edit the newly created file:
kdesudo kwrite /etc/privoxy/trust
Add this rule rules at the end of the file then restart privoxy:
~*.i2p
Now it should block access and display a big red “UNTRUSTED” warning whenever connecting to a non whitelisted domain (with the caveat that you can override it if you press the go there anyway link but I assume the user is not retarded). Tor Browser updater can connect no problem.
N.B. This is not effective for https links. To block those change the setting below in about:config:
network.proxy.ssl;127.0.0.1
network.proxy.ssl_port;8118
Also might as well set privoxy for ftp proxying too.
Now it will say proxy refusing connections. I think @eyedeekay’s choice to set all the protocols (ftp, ssl, http) to 127.0.0.1:8118 was a more sound choice because ‘share settings’ doesn’t seem effective. Can you also add this to github?