Captive portal pfsense facebook only



  • Hi! I'm just a beginner in using pfsense. I would like to setup a network where it can only access facebook and nothing more. I'm also using captive portal in my network with no authentication just an accept button. Could anyone help me please..
    In my pfsense PC I have a three(3) interfaces:

    • WAN 192.168.0.190

    • LAN 212.189.52.1

    • GUESTS 210.174.36.1

    WAN
    Of course the WAN is connected on the main network connection (INTERNET)
    LAN
    Is the interface where all of the computer is connected (INTERNET)
    GUESTS
    Is for any guest that would want to use the internet it does have a captive portal and a wifi connection for smartphones.

    What I'm trying to do is Use the GUEST interface to share the internet and block all sites so that the users will only gain access to the facebook.
    I did try to use the package SQUID and SQUIDGUARD, and block all of the categories but when i tried to open my COC(Clash of Clan) app it connects.
    When I try to limit the GUEST interface by using a firewall and allowing only the facebook IP. The captive portal reacts and just redirecting or showing the connectivitycheck.gstatic.com/generate_204 link..

    Please could anyone help me. I wish to do this, this week. Because I'm relying on this task to get my enrollment fee this week.. Thanks..



  • This question is VERY old - and answered many times.
    But, normally, it's the other way around : everything, EXCEPT Facebook

    @Mr.Clay:

    ….
    When I try to limit the GUEST interface by using a firewall and allowing only the facebook IP. .........

    Like Google, Facebook doesn't us "an IP(v4)", but hundreds IP(v4) if not thousands - and probably billions IPv6.
    There are lists on the net that shows them all.
    Throw them in an "alias'. Use this alias in a firewall rule on your QUEST interface - and that's about it.

    More info (example) : http://stackoverflow.com/questions/11164672/list-of-ip-space-used-by-facebook



  • Thanks!

    What i mean is. When I try to allow only the facebook IPs. The captive portal is just showing an error and try to access connectivity.gstatic.com/generate_204 link..



  • gstatic is a google address that contains javascript



  • @Mr.Clay:

    Thanks!

    What i mean is. When I try to allow only the facebook IPs. The captive portal is just showing an error and try to access connectivity.gstatic.com/generate_204 link..

    This isn't coming from the (default) portal page, neither from pfSense elsewhere.
    Let me guess : your browser is 'Google' infected. Also known with the name 'Chrome'.


Log in to reply