How to block facebook in 4 ways
-
Hi pFSerians! Good afternoon! :)
How-to block facebook in 4 ways:
1st: Get the CIDR of facebook using the domain_whois_tool
- OR use my Aliases CIDR http://imageshack.us/f/193/cidr.png2nd: Create Aliases, put all CIDR of facebook (i named it fbips as description) and create ports 80/4443 (i named it fbports as description)
3rd: Create a firewall rule in LAN > Action is Reject > TCP as proto > DESTINATION is my fbips - PORT is my fbports..
4th : Install SQUID and block facebook.com there.
I hope im posting it in a right folder discussion..
Hope it help all pFSerians!
Thanks to codemarauder for the additional CIDR :) More beers later man :)
jigp
-
Of course you can add some exemption to certain ips. :)
Do this: Proto:TCP > Source: Lan IP > Destination: fbips > Port: fbports
jigp
-
If you are blocking all IPs by firewall rules why do you use squid in addition ?
-
If you have no squid you cant block facebook.com. Ive tried it. Unless there's another way around? But all work for me here.
-
If you have no squid you cant block facebook.com. Ive tried it. Unless there's another way around? But all work for me here.
In my case, i have exemptions so i really need squid. -
Hi pFSerians! Good afternoon! :)
How-to block facebook in 4 ways:
1st: Get the CIDR of facebook using the domain_whois_tool
- OR use my Aliases CIDR http://imageshack.us/f/193/cidr.png2nd: Create Aliases, put all CIDR of facebook (i named it fbips as description) and create ports 80/4443 (i named it fbports as description)
3rd: Create a firewall rule in LAN > Action is Reject > TCP as proto > DESTINATION is my fbips - PORT is my fbports..
4th : Install SQUID and block facebook.com there.
I hope im posting it in a right folder discussion..
Hope it help all pFSerians!
Thanks to codemarauder for the additional CIDR :) More beers later man :)
jigp
Can you give me the link for the CIDR info?
-
Hi pFSerians! Good afternoon! :)
How-to block facebook in 4 ways:
1st: Get the CIDR of facebook using the domain_whois_tool
- OR use my Aliases CIDR http://imageshack.us/f/193/cidr.png2nd: Create Aliases, put all CIDR of facebook (i named it fbips as description) and create ports 80/4443 (i named it fbports as description)
3rd: Create a firewall rule in LAN > Action is Reject > TCP as proto > DESTINATION is my fbips - PORT is my fbports..
4th : Install SQUID and block facebook.com there.
I hope im posting it in a right folder discussion..
Hope it help all pFSerians!
Thanks to codemarauder for the additional CIDR :) More beers later man :)
jigp
Can you give me the link for the CIDR info?
First post image?!?
-
Sure. http://imageshack.us/f/193/cidr.png :)
-
That's a lot of steps. Just install ipblocklist and use a custom list or http://list.iblocklist.com/?list=ecqbsykllnadihkdirsh&fileformat=p2p&archiveformat=gz
-
That's a lot of steps. Just install ipblocklist and use a custom list or http://list.iblocklist.com/?list=ecqbsykllnadihkdirsh&fileformat=p2p&archiveformat=gz
Thanks!
-
Thanks! But in my case i have some exemptions. All users are blocked from accessing fb except me. So im creating a rule to allow it to my IP. And if someone would like to access fb, i will just create a rule to allow the user's IP.
jigp
-
2nd: Create Aliases, put all CIDR of facebook (i named it fbips as description) and create ports 80/4443 (i named it fbports as description)
if you do this and have a webserver are you going to prevent it to access the net?
is the port 80 / 443 instead of 80 / 4443
want to try this and see if it interferes -
@pcboarders
I have no concern with webserver so i didn't bother to try this.
I just want to block facebook and give exemptions to those who want to access facebook,jigp
-
Masters,
What if you have multiwan and failover, will it conflict with squid?
I would like to block also other sites and facebook but might encounter unwanted conflict with my multiwan and failover.
advise please, thanks! -
Same rule in MultiWan. Use the firewall rule and select the WAN or whichever is your WAN1 and WAN2.
-
Sorry but my english is no good. when i write the url http://www.facebok.com pfsense block the access. but whit secure https://www.facebook.com all people can enter to facebook. i need to block this. Thanks a lot.
-
Sorry but my english is no good. when i write the url http://www.facebok.com pfsense block the access. but whit secure https://www.facebook.com all people can enter to facebook. i need to block this. Thanks a lot.
How do you block http now? Answer depends greatly your blocking method
-
Add Facebook CIDR to bogons data. :o
-
Latest IPs of facebook:
IPV4 IPs:
route: 204.15.20.0/22
route: 69.63.176.0/20
route: 66.220.144.0/20
route: 66.220.144.0/21
route: 69.63.184.0/21
route: 69.63.176.0/21
route: 74.119.76.0/22
route: 69.171.255.0/24
route: 173.252.64.0/18
route: 69.171.224.0/19
route: 69.171.224.0/20
route: 103.4.96.0/22
route: 69.63.176.0/24
route: 173.252.64.0/19
route: 173.252.70.0/24
route: 31.13.64.0/18
route: 31.13.24.0/21
route: 66.220.152.0/21
route: 66.220.159.0/24
route: 69.171.239.0/24
route: 69.171.240.0/20
route: 31.13.64.0/19
route: 31.13.64.0/24
route: 31.13.65.0/24
route: 31.13.67.0/24
route: 31.13.68.0/24
route: 31.13.69.0/24
route: 31.13.70.0/24
route: 31.13.71.0/24
route: 31.13.72.0/24
route: 31.13.73.0/24
route: 31.13.74.0/24
route: 31.13.75.0/24
route: 31.13.76.0/24
route: 31.13.77.0/24
route: 31.13.96.0/19
route: 31.13.66.0/24
route: 173.252.96.0/19
route: 69.63.178.0/24
route: 31.13.78.0/24
route: 31.13.79.0/24
route: 31.13.80.0/24
route: 31.13.82.0/24
route: 31.13.83.0/24
route: 31.13.84.0/24
route: 31.13.85.0/24
route: 31.13.86.0/24
route: 31.13.87.0/24
route: 31.13.88.0/24
route: 31.13.89.0/24
route: 31.13.90.0/24
route: 31.13.91.0/24
route: 31.13.92.0/24
route: 31.13.93.0/24
route: 31.13.94.0/24
route: 31.13.95.0/24
route: 69.171.253.0/24
route: 69.63.186.0/24
route: 204.15.20.0/22
route: 69.63.176.0/20
route: 69.63.176.0/21
route: 69.63.184.0/21
route: 66.220.144.0/20
route: 69.63.176.0/20IPV6 IPs
route6: 2620:0:1c00::/40
route6: 2a03:2880::/32
route6: 2401:DB00::/32
route6: 2a03:2880:fffe::/48
route6: 2a03:2880:ffff::/48
route6: 2620:0:1cff::/48Hope this help.
jigp -
Yes, this definitely helps a lot, thank you very much.