Block website
-
AHHH Thanks. Totally missed that when I read the OP post. I guess the mention of squid made me overlook that point
-
I'm very confused, I have a webserver running on 192.168.1.6.
How do i do this, I tried this but it didn't work at all:
http://i.gyazo.com/d08c5eab584c9146d04e776a0bf9aab8.png -
What you've done is created a DNS override so that if anyone tries to go to myhost.facebook.com, it will redirect to 19.168.1.6. This is probably not what you want. If I remember, you can leave the Host section blank and it will match anything that ends in facebook.com.
-
The entry you've made where you've put 'myhost' means that the override will work when you try to visit 'myhost.facebook.com'. If you want it to resolve to 'www.facebook.com' enter 'www' in the Host field. Otherwise do as KOM suggests.
-
Wouldn't Dansguardian package serve this purpose more properly?
"How do i block specific websites without connecting to a proxy?"
Sure but acknowledging that such control is, most of the time, achieved using proxy, it might be interesting to understand why Frozity tries to achieve it "not using a proxy" ;)
My understanding, reading carefully his first post, is that
"not using a proxy"
is triggered by the second part of this first post, i.e.
"Is it possible to run Squid or something without needed to configure it on Chrome? So people will be connected to that Squid thing when they connect to the network"
Keeping this in mind, answer based on either WPAD or transparent proxy makes sense isn't it?
Well, I would not suggest transparent proxy but WPAD fits, IMHO 8) -
From my standpoint, if you want successful "DNS based" implementation, be sure you block DNS flow through your firewall otherwise clever user will bypass your control relying on external DNS ;)
Last but not least, even with internal DNS "only", accessing forbidden web site typing IP address can't be block using DNS (while proxy can achieve it 8))Are you still convinced you do want to achieve it without proxy ???
-
Last but not least, even with internal DNS "only", accessing forbidden web site typing IP address can't be block using DNS (while proxy can achieve it 8))
These days most complex web sites (like the ones wanting to be blocked here) use many different names/IP addresses to serve up various components of the site. If you learn the (an) IP address of the site then sure, you can go to it and get some basic page. But a bunch of content will be referenced by other names and if resolution of those is diverted by host/domain overrides then the user effectively has a very difficult time making any use of the site.
So a DNS-only blocking strategy can still be practically effective. -
The entry you've made where you've put 'myhost' means that the override will work when you try to visit 'myhost.facebook.com'. If you want it to resolve to 'www.facebook.com' enter 'www' in the Host field. Otherwise do as KOM suggests.
I tried this, but it doesent block the frontpage. But everything else gets blocked. I'm very confused.
-
I tried this
You tried what? Using www or leaving it blank?
-
@KOM:
I tried this
You tried what? Using www or leaving it blank?
Leaving it blank didn't do anything.
-
https://forum.pfsense.org/index.php?topic=43835.0
-
https://forum.pfsense.org/index.php?topic=43835.0
So i added "address=/dev/192.168.1.6" and nothing changed.
-
So i added "address=/dev/192.168.1.6" and nothing changed.
Please, try using brain. Go re-read the post a couple of times.
-
So i added "address=/dev/192.168.1.6" and nothing changed.
Please, try using brain. Go re-read the post a couple of times.
Please, be nice. This doesen't make sense for me.
I'm trying to block this website: vg.no
-
Then why on earth are you sticking dev there, instread of vg.no?!?!
-
Then why on earth are you sticking dev there, instread of vg.no?!?!
address=/vg.no/192.168.1.6
It still doesen't block the frontpage, but when i click on read article etc it gets blocked.
-
Nothing happened is worthless problem description. (BTW, the DNS results are cached, you need to flush the cache. Reboot the boxes you are testing this from if you don't know how.)
-
Nothing happened is worthless problem description. (BTW, the DNS results are cached, you need to flush the cache. Reboot the boxes you are testing this from if you don't know how.)
Thank you for the help!
-
there are really very few websites that would even load a basic page on ip, since most everything is CDN and requires the host headers to know what to serve (multiple pages on same IP)..
You could always validate this with what site your looking to block by going to the IP yourself and seeing what content is provided.