Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Block WeChat and TikTok

    Firewalling
    2
    2
    450
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      goldkeeper
      last edited by

      Hi,

      How can I block inbound and outbound traffic from WeChat and TikTok? I

      1 Reply Last reply Reply Quote 0
      • bmeeksB
        bmeeks
        last edited by bmeeks

        The most effective way is to unplug your Internet connection 😀!

        Ok, just kidding there, but that is really the only way to be 100% guaranteed such services are blocked.

        Blocking those, and other services such as YouTube, Facebook, etc., is very difficult because they do not use a single IP address. They have servers located in data centers all over the world, and the different servers connect to the Internet via different IP networks using CDNs (content delivery networks). It is not as simple as blocking some host that only has a single IP address that it uses.

        For load balancing purposes and other reasons, CDNs typically put very short TTL (time-to-live) values on the DNS entries for such services as WeChat, TikTok, YouTube, etc. Sometimes these are as short as 2 to 5 minutes. So two different clients attempting to resolve one of those domains can actually receive and use two completely different IP addresses.

        Most pfSense users are installing the pfBlockerNG-devel package and configuring it with ASN lists for the services they want to block. There is an entire sub-forum here just for pfBlockerNG. You can get some input from others by posting questions there. Here is a direct link: https://forum.netgate.com/category/62/pfblockerng.

        1 Reply Last reply Reply Quote 1
        • First post
          Last post