Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Social networks blocking

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 4 Posters 409 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      ginoduqo
      last edited by

      Hello. I looked through many sites and realized that pfsense does not know how to block social networks via https as a transparent proxy.
      Opaque (it is not an option to climb into the users' browser and register a proxy).
      I even created patterns, nothing helps.
      Tell me about the latest versions, maybe they have a tool for blocking social networks?

      GertjanG 1 Reply Last reply Reply Quote 0
      • GertjanG
        Gertjan @ginoduqo
        last edited by

        @ginoduqo said in Social networks blocking:

        I even created patterns,

        All what you can actually 'see' is the IP being used by the client's device. It should be known as an IP used by a social media.
        So, you should have a list with these IP's - or use their AS. Check what pfBlockerNg-devel can do for you.

        Pattern matching TLS traffic is like comparing all waves in all oceans with an image : mission impossible.
        Proxying or 'rooting' the user's device is the only way.

        Btw : this is not some pfSense limitations.
        Governments have a hard time tracing these these connections also. If they can't .....

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        1 Reply Last reply Reply Quote 0
        • NogBadTheBadN
          NogBadTheBad
          last edited by NogBadTheBad

          You could block Facebook using pfBlicker-NG by creating an alias using the ASN for Facebook.

          YMMV with other Social networks.

          Or maybe Snort with the openappid-social_networking.rules enabled.

          Screenshot 2020-11-03 at 09.24.13.png

          Andy

          1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22

          1 Reply Last reply Reply Quote 0
          • N
            negate1
            last edited by

            This post is deleted!
            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.