Sites still available even with dnsbl
-
I'm trying to block social media and video sites for the kiddos.
I've tried using pfblockerng categories, and explicitly defining DNS entries for specific sites ( with the categories disabled ) pointing to 10.10.10.1.
For some reason I don't understand a handful of specific sites still make it though with the DNS filtering enabled.
Nslookup shows my blocking address on any sites I'm trying to block, but certain large sites (tiktok, Facebook and reddit especially) still load. What am I doing wrong here?
-
I'm certainly no expert on pfblockerng, as I haven't had to work a content filter or anything for a good 10 years or so...but if I go to tiktok and press F12 I see all kinds of junk like the following:
sf16-scmcdn-va.ibytedos.com/goofy/tiktok/blahblahblah
mcs-va.tiktokv.com
mon-va.byteoversea.comIt might say tiktok in the url; but everything inside is coming out of a giant content delivery network. If all the blocker redirects is the 'name brand' webpage; 99.9% of the content might load just fine, especially with side loading bullcrap that isn't using the normal web front end. Applications on phones and stuff will frequently bypass the front end entirely and rely on the CDN.
When I pull up the simple facebook login page I get a million of these:
static.xx.fbcdn.net
scontent.fapa1-1.fna.fbcdn.netSimilar story with reddit being full of:
www.redditstatic.com
v.redd.it
preview.redd.it
i.redd.itYou owe me two bits for making me load tiktok. I watched 4 videos...I am dumber.
-
@timbrigham Not sure whether you're still checking your thread; however, you never mentioned saving the changes you had made, then updating and reload pfBlockerNG (data base).
-
@nollipfsense I saved and reloaded the changes. Im getting the correct 10.10.10.1 address when I attempt dns lookups. Thanks though.
