Block only google drive upload

  • Hi

    I would block upload file to cloud provider sush as Dropbox, Google Drive, etc

    I can block dropbox traffic

    but , with google drive , i think it is not easy, many web site is in the same ip range with drive (youtube , google doc , ...)

    how i can block only google drive ?

    Thank You

  • You somewhat answered you own question with these words:

    %(#e00038)[not easy, many web site is in the same ip range with drive (youtube , google doc , ...)]

    You need a DPI (deep packet inspection) engine to accomplish this and possibly even a MITM (man-in-the-middle) certificate proxy system so you can inspect payloads in cleartext. You could try the OpenAppID functionality within the Snort package, but I don't recall if there are any existing Google Drive rules in that rule set.

  • Hi,

    Well ... as you said yourself, you can't use destination-IP-list discrimination, otherwise it would be as easy of finding all the Google-drive IP's, throwing them in an Firewall alias and using this alias in a firewall block rule.
    Although I do think that Google services like the web search egnin, Youtube, Gmail, etc do not use the same IP's as Google drive.

    The next step would be : finding out what Google drive (for example : login phase) packets have in common : this means your have to to filter on IDS/IPS level - see the sub forum for information. This can be done, and certainly not in a lost afternoon.
    See also this one to get the picture.

    edit : @bmeeks types faster ^^

  • If it's as simple as, you could set the Domain Override in Services -> DNS Forwarder to resolve it to nothing. That's the "!" character in that entry.

    I say simple above, but it's probably not that cut-and-dry... I don't know for sure if google drive has a much larger reach, domain or IP address-wise.

    Read more about dns forwarder here:


Log in to reply