Blocking facebook etc



  • hello all

    was wondering if anyone could help.I am a noob when it comes to this stuff.

    we've installed PFsense and our network is as follows :
            router - Pfsense - Domain controller(sbs2003) - switch -

    now i use nmap and discover port 21 is open….stupid question but how do i close it??
    also restricting sites like facebook etc. where is it done and how? i have installed squid and  squid guard. but i dono how to configure it and to get it working.

    please overlook my stupidity



  • which side on the router are you scanning with nmap? wan? lan? is the port open on a machine in the lan? or is it open to the world on the WAN. port 21 is ftp, make sure you don't have a rogue server out there.

    as for blocking facebook, a tutorial is on the wiki for configuring squidguard.

    I never used squidguard, so I realy can't say how to tweak it. However, if you are keen on just blocking one site, you can set up squid as a transparent proxy, and set the ip of facebook on the blocked site's list.

    you can also achieve this with a simple block firewall rule.
    Though if you want to block multiple sites squidguard is the better way to go as your firewall tables will get cluttered up very quickly



  • How about blocking the games of facebook not the whole www.facebook.com? Just blocking the games.facebook.com is it possible? I know it was not "games".facebook.com. Lots of games subdomain on it..



  • Maybe using the expressions box in destinations in Squidguard…I haven't used it too much, but it seems to work ok...


Log in to reply