Blocking facebook
-
I found an option from the forum itself. Go to http://forum.pfsense.org/index.php/topic,34321.0.html. Also I added another IP range 69.171.224.0/19 since Facebook also uses this range. Now, the Facebook is entirely blocked unless they add another network.
-
Try several more:
69.63.176.0/20 66.220.144.0/20 204.15.20.0/22 69.171.224.0/19 74.119.76.0/22 173.252.64.0/18
http://whois.arin.net/rest/org/THEFA-3/nets
-
Thx a lot Jimp. I added Facebook in dns forwarding and is now forwarding it to my local IP. This has disabled Facebook completely.
-
Thx a lot Jimp. I added Facebook in dns forwarding and is now forwarding it to my local IP. This has disabled Facebook completely.
If you do that, make sure you also block access to outside/external DNS servers, or someone can just hardcode the DNS on their PC to get past that.
-
Already done that. Thx for advice Jimp.
-
And leave your IP blocking in place against the sneaky people who edit their hosts file :)
-
Or people who just keep an IP handy for facebook.com cause they are that addicted. :p
You should point facebook.com to an internal webserver that brings up a page with a page that says get back to work! ;)
-
What about all the web auto-proxy services that will not use facebook's IPs or DNS? You'll need some internal monitoring to catch those, unless you manually blacklist all of them.
-
There are only so many technical solutions to a social/HR problem. No technical solution will ever be perfect.
If you put up all of these barriers and someone still gets on Facebook, they should be disciplined/fired/etc.
They'll probably give up doing it on the PC and just use Facebook on their smartphones all day anyhow.
-
A much more succinct version of what I was getting at, Jimp.
I'm going to use that line next time a client asks me to block site <whatever>. They've got to change the culture rather than rely on a lazy technical solution.</whatever>
