- 07-16-2009 #1 Just Joined!
- Join Date
- Sep 2003
- Location
- New Jersey, USA
- Posts
- 94
Firestarter vs. Smoothwall? Squid? PFsense?
I'm attempting to configure a Linux (or BSD) box to filter web access. What I need to do is block all web traffic and whitelist certain domains and IP addresses that are allowed to be accessed. I've been searching around the internet trying to discover my options and pinpoint a starting location. I've come across many, many different utilities and programs that seem to be able to help me accomplish my goal. My problem is that I'm a little inundated; I don't know where to start. Ideally, I suppose learning iptables (or the BSD equivalent) would be the best idea, but I can't see spending all that time when I won't be using this on a daily basis.
Long story short, can someone help point me in the right direction? Based on what I'm trying to do, can anyone recommend a program or utility? I'm perfectly willing to learn something new but I refuse to struggle with poor documentation.
- 07-17-2009 #2
Squid+Dansguardian
Of course, it depends on how big your whitelist is. Playing with local DNS is probably the simplest but not the strongest measure.
- 07-17-2009 #3 Just Joined!
- 07-17-2009 #4
The simplest is not to use DNS and to resolve whitelisted domains using the local /etc/hosts file on the workstations. This file exists even in Windows, I think.
The second simplest is to configure the DNS on your LAN to resolve only whitelisted domains.
These measures do not help to deny access if the user is smart enough to use IP addresses, though.
Using a restrictive proxy and not doing NAT is a secure and more elegant solution.
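
A default-deny Squid allow-list along the lines the replies suggest, as an added example that is not part of the thread. The LAN range, listening port, domains and addresses are placeholders, and it assumes clients are pointed at the proxy while the gateway does not route or NAT their traffic.

```conf
# squid.conf fragment (added example; all names, ranges and addresses are placeholders)

# Proxy listens here; clients must be configured to use it explicitly.
http_port 3128

# Who may use the proxy at all (assumed LAN range).
acl localnet src 192.168.1.0/24

# Allowed destinations by name. A leading dot also matches subdomains.
acl allowed_domains dstdomain .example.org .example.com

# Allowed destinations by address (documentation ranges used as stand-ins).
acl allowed_ips dst 192.0.2.10 198.51.100.0/24

# Restrict CONNECT (HTTPS tunnels) to port 443 so the proxy
# cannot be used to tunnel to arbitrary services.
acl SSL_ports port 443
acl CONNECT method CONNECT
http_access deny CONNECT !SSL_ports

# Rules are evaluated top to bottom; the first match wins.
http_access allow localnet allowed_domains
http_access allow localnet allowed_ips

# Everything else is refused. With no routing or NAT on the gateway,
# the proxy is the only path out of the LAN.
http_access deny all
```

For a long list, the domains can live one per line in a file referenced as `acl allowed_domains dstdomain "/etc/squid/allowed_domains.txt"` (path is a placeholder).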