The title says "a work around." That isn't misleading.
Well your solution is taking away the scheduling that's available in efw.
Don't get me wrong, OpenDNS is great and I've been using it for quite some time
I look forward to seeing your solution.
After some digging the only robust and convenient solution seems to be blocking by IP addresses:
- robust because DNS can be bypassed if you get hold of the IP.
- convenient because using the endian proxy blocklists you can schedule the blocking, e.g. have webmail domains open only for an hour at noon.
Also, you have to whitelist these domains on OpenDNS.
That should be an ok solution.
I'll test this with a cron script to get the IP addresses from a domain list file; those addresses are then to be blocked by endian's dansguardian.
Running that script once a week might be sufficient because the addresses should not change too often..but that's only a wild guess. The frequency can be determined later some time.EDIT
: the contentfilter really doesn't care about https so an IP list is here not of much help. The IP list has to be stuffed in an outgoing firewall rule.
Unfortunately there does not seem to be a schedule for these. A cronjob with an iptables command should be a viable solution.