block Facebook and youtube on mobile and desktops

fadygh

Hello Everyone
I know it seems a redundant question but I tried many many different methods but I couldn't find any clear explanation to my question
I want block some social media websites and applications like youtube and facebook on wireless, android and IPhone mobile and some wireless laptops, My solution was to create DHCP scope that links to one gateway with full access, and IP reservations based on MAC address to another gateway and dns to OpenDNS, I already installed opend DNS client on one a computer in order to track the IP address since it's dynamic not fixed IP and it's working, I have one wireless router linked to opendns and nobody connected to this wifi network is able to open blocked websites or apps. My two ADSL gateways are on the same subnet, I can't add two gateways using the same subnet , any simple and clear solution would be appreciated. I tried squidguard but it seems that it doesn't work with with https sites, so my only solution is to use DNS please correct me if I'm wrong, I'm open to any suggestion.

Best

NogBadTheBad

@fadygh said in block Facebook and youtube on mobile and desktops:

I want block some social media websites and applications like youtube and facebook on wireless, android and IPhone mobile and some wireless laptops, My solution was to create DHCP scope that links to one gateway with full access, and IP reservations based on MAC address to another gateway and dns to OpenDNS, I already installed opend DNS client on one a computer in order to track the IP address since it's dynamic not fixed IP and it's working, I have one wireless router linked to opendns and nobody connected to this wifi network is able to open blocked websites or apps. My two ADSL gateways are on the same subnet, I can't add two gateways using the same subnet , any simple and clear solution would be appreciated. I tried squidguard but it seems that it doesn't work with with https sites, so my only solution is to use DNS please correct me if I'm wrong, I'm open to any suggestion.

pfBlockerNG, use it to create firewall alias based on ASN numbers and use the rule to block outbound.

fadygh

can you please explain more, in aliases I found Hosts, networks, ports, URL(IPS), URL(ports), URL Table(IPS), and URL Table(ports), can you help more please and can you also tell me how can apply these rule to some IP addresses on my network not all of them

Best

Gertjan

Using a simple "alias" won't make it.
See many, no, more ! forum threads.

edit : I guess you can whitelist some IP's on your LAN.

stephenw10

This should already be solved on your other thread. Once you've added the gateways you can route one group via one public IP and the other via the other IP. Then OpenDNS can respond differently to each group if you need that.

But if one groups can be unfiltered you don't even need that. Just pass the OpenDNS IPs as DNS via DCP to the filtered group and allow everyone else to use pfSense (or some other DNS server) to get unfiltered results.

Steve