I Cannot block Instagram thru pfblockerNG
-
Hi Dears,
I am facing issues to block instagram in my home PCs by using pfblocker NG. I hav tried ASN level blocking and some how its not bringing the IP address while updating or reloading. Alternatively, I hv tried to create blacklist aliases of instagram domains and made rule to block it. It doesnt block as well. Any guidance will be much appreciated to achieve my goal.Thanks
Cleetus -
@Cleetus-Antony
I used a DNSBL Custom_List. Go to PfBlockerNG->DNSBL->DNSBL Groups
Then Edit one of the groups and enter a list of domains in the DNSBL Custom_List box.
See images:
It may work with a couple of entries like this:
www.instagram.com
edge-chat.instagram.com -
Sledge hammer DNS solution :
Instead of trying to figure out all possible host names, use this "block any dns request with the word 'instagram'" approach :First : activate :
Then :
^.*instagram*[_.-] #test Some_commentThen
and hit Run.
Then : empty your own local DNS cache (your device ^^)
Windows PC :ipconfig /flushdnsNow try to visit insta in a browser.
All I saw was :
I'll leave it in there for the weekend, see what happens ^^
-
@Max-6
I had this same setting. It didnt work though. -
Well ... you saw what I did. That's why I use no words, but images.
Do the same thing and it should work.Look carefully at what you entered when making 'regex' statements.
-
M michmoor referenced this topic on
-
There may be more to this than PFBLOCKERING/PFSENSE. Remember that browsers offer the ability to use DNS over HTTPS. Basically Firefox, Chrome, Edge... can use HTTPS to forward DNS requests straight out to the internet, not leaving it to your router to do. It's encrypted as well on port 443 so your router can't stop it. You have to go into the settings of the browsers you use and turn it off.
Your DHCP settings can also be providing an internet DNS server IP to your computer's network settings so make sure that DHCP is providing your PFSense IP or the IP of your internal DNS server if you have one other than PFSense. I do, and have my DNS server forward to my PFSense box, which then takes over.
In either of these cases, If DNS queries are direct from the browser to the internet, or to an internet DNS IP provided to the desktop via DHCP, PFSense/PFBlocker is 'out of the loop' at that point.
