Blocking WeChat and TikTok
-
Hi, total pfSense noob here; posted this on the Firewall forum and was suggested to post here. Can anyone tell me how to block WeChat and TikTok?
-
@goldkeeper Use pfBlocker and create a geoip alias and use it on a block outbound rule.
You could use their ASN numbers if they host everything in their address space.
Loads of posts here regarding pfBlocker.
Andy
1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22
-
WeChat AS131628
TikTok AS138699 -
I have been running PiHole for a long time even though I still use pfBlocker. Mainly because I like the interface and the reporting. But I recently decided to switch over to AdGuard Home (on separate server - not as plugin).
It does pretty much the same thing as PiHole but has a simple function for this specific purpose.
In the "Blocked Services" menu, there's a list of some 45 well known predefined applications, including WeChat and TikTok. You simply "throw a switch" for each of the applications you want to block... -
Thank you for the advice! Is it possible to block only for a specific user/device?
-
Doesnt work...
I have facebook blocked via ASN and it works like a charm for everybody.
-
someone mentioned adguard which is what i use at home for a particular vlan. everyone else uses pfblocker. But in theory i could just use pfblocker and do dns blocking, no? same purpose here? why cant we just do that?
-
@michmoor Off course you can do it with pfBlocker. Same purpose and same method of doing dns blocking.
It's just that AdGuard have already taken the ASN's for the most popular Apps and converted them into a nice human friendly interface with icons, app name and a toggle switch for each.
Extremely quick and intuitive, vs doing it yourself...@goldkeeper said in Blocking WeChat and TikTok:
Thank you for the advice! Is it possible to block only for a specific user/device?
No you can't at least not at the moment.
-
@gblenn said in Blocking WeChat and TikTok:
No you can't at least not at the moment.
Not sure where you got that info, I am not a user of adguard - but clearly the docs show you can do per device configuration.
-
@johnpoz I wouldn't necessarily take that listing as proof, as it basically means that you can configure many of the listed items on a per client basis. Which upstream DNS servers to use, whether or not to use AdGuards parental control, the their Safe search or browsing security features.
BUT, having said that, I'm glad you made me check again, because they have actually implemented this specific function as well!! There is in fact a tab where you get the same nice UI to select from the list of apps to block, or simply use the global blocking list...
So yes it is possible!!
-
Referenced by
Alejo 0
-
This post is deleted! -
I have attempted to get this working, but going to tiktok.com still loads. I am missing something basic I know...
Appreciate any guidance!
pfBlockerNG Alias definition:
LAN Ruleset (redacted):
Thanks,
Steve -
@ciroque Wouldnt it be easier to either
- spin up adguarddns and block tiktop app
- spin up pi-hole and block tiktop app
- forward traffic to opendns or nextdns and block tiktop app
just a suggerstion.
-
@ciroque Maybe your web browser is doing DNS over HTTP.
Tried killing the firewall states ?
-
@ciroque said in Blocking WeChat and TikTok:
I have attempted to get this working, but going to tiktok.com still loads.
Don't suppose your ISP gives you a dual stack IPv4 and IPv6 address range? The shots you show block IPv4, but wouldn't block any IPv6 TikTok addresses.
