Can anyone help me block mobile application like facebook, youtube, & other IM
-
That will only filter http/https traffic though so not message traffic at least in some cases.
You might also try using DNS-BL from the pfBlocker package to block domains at the DNS level which obviously works for all protocols but not if apps have hard coded IPs.
Steve
-
Can you help me to configure the pfblocker? im new to pfsense. . please
-
Can you help me to configure the pfblocker? im new to pfsense. . please
pfBlockerNG has really great info built into the package, just click on the info panes and read for basic setup.
Here are some additional posts to get you started:
https://forum.pfsense.org/index.php?topic=102470.msg572943#msg572943What you are trying to accomplish goes beyond the basic setup. You'll need to poke around the forums to learn how to do what you need, but it's all laid out very well. Pay extra attention to posts by BBCan177, pfBNG is his.
Once you've got pfBNG up and running with a basic configuration, check out this thread and the posts it links to. It's focused on blocking porn but you can use the same methods and lists to accomplish your goals.
https://forum.pfsense.org/index.php?topic=125863.0 -
Out of curiosity I'm wondering if it would be possible to somehow hack the Traffic Shaper to effectively block IM services. It allows you to specify services, could you go into a config file or something and limit those services to 0 throughput?
Just a thought, I'd be interested in hearing the thoughts of someone smart on this!
-
Is is possible to leverage some existing tools and packages to accomplish what you want… maybe... but you'll be chasing 10's of thousands of IP's, it'll eat up a bunch of time and will be a management nightmare.
The more straight forward approach is to implement a UTM inline with your network.
-
marvosa is right. I never found a mature way of doing this type of blocking in pf
If you really need this throw in untangle as a bridge install application control and just tick what you want to block
-
One possibility is to use OpenAppID in Snort. You can block with that if a signature exists for the app you want. I'm unsure about marking traffic for shaping using that. It's relatively new in the package.
Steve
-
One possibility is to use OpenAppID in Snort. You can block with that if a signature exists for the app you want. I'm unsure about marking traffic for shaping using that. It's relatively new in the package.
Steve
This looks worth checking out
-
pfBlockerNG has really great info built into the package, just click on the info panes and read for basic setup.
I second pfBasic. pfBlockerNG is a great tool to add to your pfSense install.
I just confirmed that you can block WhatsApp with pfBlockerNG by adding an IPv4 list. Once pfBlockerNG is installed and running navigate to Firewall>pfBlockerNG>IPv4. Click Add.
Alias Name: WhatsApp Block List
List Description: Blocking WhatsApp
Source:
https://www.whatsapp.com/cidr.txtHeader Label: WhatsApp
List Action: Deny Both
Update Frequency: Once a day
Click "Save"
Navigate to Firewall>pfBlockerNG>Update.
Click "Run"
Navigate to Diagnostics>States>Reset States
Check "Reset the firewall state table" and click "Reset"
You must reset the States or the settings will not take place.
-
@presbuteros thank you for your nice comment, can you please tell us how to block youtube,facebook and other mobile applications?
-
@aziz-rahman said in Can anyone help me block mobile application like facebook, youtube, & other IM:
@presbuteros thank you for your nice comment, can you please tell us how to block youtube,facebook and other mobile applications?
Try to use ASN option from pfblocker , he will create aliase, after you will create your own rule on each interface you need to block using that alias
My rule is to allow to certain ports so i won't be *(everything) . I would love to block the entire facebook but i am maried.
