Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Captive portal pfsense facebook only

    Scheduled Pinned Locked Moved Captive Portal
    5 Posts 3 Posters 4.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      Mr.Clay
      last edited by

      Hi! I'm just a beginner in using pfsense. I would like to setup a network where it can only access facebook and nothing more. I'm also using captive portal in my network with no authentication just an accept button. Could anyone help me please..
      In my pfsense PC I have a three(3) interfaces:

      • WAN 192.168.0.190

      • LAN 212.189.52.1

      • GUESTS 210.174.36.1

      WAN
      Of course the WAN is connected on the main network connection (INTERNET)
      LAN
      Is the interface where all of the computer is connected (INTERNET)
      GUESTS
      Is for any guest that would want to use the internet it does have a captive portal and a wifi connection for smartphones.

      What I'm trying to do is Use the GUEST interface to share the internet and block all sites so that the users will only gain access to the facebook.
      I did try to use the package SQUID and SQUIDGUARD, and block all of the categories but when i tried to open my COC(Clash of Clan) app it connects.
      When I try to limit the GUEST interface by using a firewall and allowing only the facebook IP. The captive portal reacts and just redirecting or showing the connectivitycheck.gstatic.com/generate_204 link..

      Please could anyone help me. I wish to do this, this week. Because I'm relying on this task to get my enrollment fee this week.. Thanks..

      1 Reply Last reply Reply Quote 0
      • GertjanG
        Gertjan
        last edited by

        This question is VERY old - and answered many times.
        But, normally, it's the other way around : everything, EXCEPT Facebook

        @Mr.Clay:

        ….
        When I try to limit the GUEST interface by using a firewall and allowing only the facebook IP. .........

        Like Google, Facebook doesn't us "an IP(v4)", but hundreds IP(v4) if not thousands - and probably billions IPv6.
        There are lists on the net that shows them all.
        Throw them in an "alias'. Use this alias in a firewall rule on your QUEST interface - and that's about it.

        More info (example) : http://stackoverflow.com/questions/11164672/list-of-ip-space-used-by-facebook

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        1 Reply Last reply Reply Quote 0
        • M
          Mr.Clay
          last edited by

          Thanks!

          What i mean is. When I try to allow only the facebook IPs. The captive portal is just showing an error and try to access connectivity.gstatic.com/generate_204 link..

          1 Reply Last reply Reply Quote 0
          • H
            heper
            last edited by

            gstatic is a google address that contains javascript

            1 Reply Last reply Reply Quote 0
            • GertjanG
              Gertjan
              last edited by

              @Mr.Clay:

              Thanks!

              What i mean is. When I try to allow only the facebook IPs. The captive portal is just showing an error and try to access connectivity.gstatic.com/generate_204 link..

              This isn't coming from the (default) portal page, neither from pfSense elsewhere.
              Let me guess : your browser is 'Google' infected. Also known with the name 'Chrome'.

              No "help me" PM's please. Use the forum, the community will thank you.
              Edit : and where are the logs ??

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.