Block WeChat and TikTok
-
Hi,
How can I block inbound and outbound traffic from WeChat and TikTok? I
-
The most effective way is to unplug your Internet connection
!Ok, just kidding there, but that is really the only way to be 100% guaranteed such services are blocked.
Blocking those, and other services such as YouTube, Facebook, etc., is very difficult because they do not use a single IP address. They have servers located in data centers all over the world, and the different servers connect to the Internet via different IP networks using CDNs (content delivery networks). It is not as simple as blocking some host that only has a single IP address that it uses.
For load balancing purposes and other reasons, CDNs typically put very short TTL (time-to-live) values on the DNS entries for such services as WeChat, TikTok, YouTube, etc. Sometimes these are as short as 2 to 5 minutes. So two different clients attempting to resolve one of those domains can actually receive and use two completely different IP addresses.
Most pfSense users are installing the pfBlockerNG-devel package and configuring it with ASN lists for the services they want to block. There is an entire sub-forum here just for pfBlockerNG. You can get some input from others by posting questions there. Here is a direct link: https://forum.netgate.com/category/62/pfblockerng.
