How to limit bandwidth for social media
-
@stephenw10 Thanks for reply, I have created Alias in pfBlocker IPv4 and added it in firewall, it fetch the list of IPs but not forwarding traffic from defined gateway. Hence if i trace host i can see ip in pfBlocker alias list
-
Um... not sure I understand. What are you trying to achieve? Sending traffic through a Limiter?
Can we see screenshots?
Steve
-
@stephenw10 I have created alias in IPv4 and created firewall rule for alias and sending traffic through specific gateway. But is not working hence alias fetch list ips and those are fine.
-
How are you testing? Are the states not going through that using IPs that appear in the Alias?
If not then the ASNs don't contain them so you will need to add more.
Steve
-
@stephenw10 To test gateway i am doing tracert for domain and ips. I can see ips listed in alias list but some time request route from different gateway
-
If the IPs you're testing to are in the list then they should always go via the specified gateway as long as some other pass rule isn't catching them first.
The only time that might not happen is if a firewall already exists via another gateway. If you tested then added the firewall rule then immediately tested again without clearing the states for example.Steve
-
@stephenw10 Below image of my firewall configuration, Please help me find out if i did anything wrong.
-
Ah, your rule is TCP only so traceroute won't be caught by it. Set it to any ipv4 protocol.
Steve
-
This post is deleted! -
@stephenw10 Thanks that works, this is such a big help. this is what i am trying to achieve from few days. Thanks a lot Stephenw
-
No worries.
-
This post is deleted! -
@stephenw10 said in How to limit bandwidth for social media:
pfBlocker can deal with AS numbers and create aliases from the lists of IPs. Then you can use those alises in firewall rules.
pfBlocker will handle updating the alises periodically. For example:
Steve
Hey Steve. Quick question while we are on topic. I see on the screenshot that you have update frequency set on weekly. Since there are no links in IPv4 fields, does that mean "an update" will refresh ASN data and update the IP`s in the alias ?
Thanks again for sharing this because, so far this is how i did it.
I execute this into terminal
whois -h whois.radb.net -- '-i origin AS15169' | awk '/^route:/ {print $2;}' | sort | uniqAnd then copy output into the TXT file and then use alias import function to create an alias that i use in firewall rule.
Its a hassle. I know.
-
Yes it updates them. You can check the pfBlocker logs:
===[ IPv4 Process ]================================================= [ Spamhaus_drop_v4 ] static hold. [ Google_v4 ] Downloading update . Downloading ASN: 15169... completed . completed .. [ Facebook_v4 ] Downloading update [ 04/15/24 00:00:37 ] . Downloading ASN: 32934... completed . completed .. [ Netflix_v4 ] Downloading update [ 04/15/24 00:00:39 ] . Downloading ASN: 2906... completed . completed .. [ Test_Range_custom_v4 ] exists. [ 04/15/24 00:00:40 ] [ o365_alias_v4 ] exists. -
@stephenw10 said in How to limit bandwidth for social media:
Yes it updates them. You can check the pfBlocker logs:
===[ IPv4 Process ]================================================= [ Spamhaus_drop_v4 ] static hold. [ Google_v4 ] Downloading update . Downloading ASN: 15169... completed . completed .. [ Facebook_v4 ] Downloading update [ 04/15/24 00:00:37 ] . Downloading ASN: 32934... completed . completed .. [ Netflix_v4 ] Downloading update [ 04/15/24 00:00:39 ] . Downloading ASN: 2906... completed . completed .. [ Test_Range_custom_v4 ] exists. [ 04/15/24 00:00:40 ] [ o365_alias_v4 ] exists.Awesome. Thank you very much sir !!!!
