Ideas how to block certain webs (youtube) for kid's PC with possibility to enabling it for some hours.
-
Hi,
I have a kids who started to be in the age they can open internet browser and navigate to youtube and then they are stuck in endless loop of that bullsh*t videos there until I force them to turn it off. So I am looking for a way of blocking some webs, now it is youtube with the possibility to add them "enabled time" so they will be for instance able to use the youtube for 1 hour and then block again.Before I will start endless googling and inventing possibly already invented wheel, do anybody have some ideas or tips for this?
Thx!
-
Pf blocker & DNSBL
Use the alias generated by pfB in a rule as destination. with the ip of the kids PC (source) and pimp it with a time based scheduler
Done
Works here just fine
-
Well, maybe I will need some more info on this. Currently I use pfblockerng and I have defined some dnsbl feeds for ad blocking and I have added my custom source with entries:
0.0.0.0 youtube.com 0.0.0.0 www.youtube.com 0.0.0.0 m.youtube.comIt works and the PCs can't access youtube. But it blocks youtube for all the clients in my home network and to be honest I do not know how to setup that custom dnsbl list only for certain IP and ideally allow it for some time periods.
As I am at the beginning of making this solution, I do not want to complicate it but I read it is possible to block some IPs which are associated to youtube (there was some ASN number mentioned). Would not this be an option? I am just asking.
Thx!
-
OK, I tried the AS number way. Well, it works when I set the AS numbers related to youtube (and google) in
pfBlockerNG - > IP -> IPv4:
And it blocks youtube. But unfortunately youtube.com was resolved in my country as 142.251.36.110 which belongs to AS15169 and it includes google services, so for instance even gmail does not work.
So I think I will have to stick to blocking domain names only and block youtube.com only. I wanted to block youtube's service at all as android youtube apps might use other than youtube.com domain names and youtube videos might work there even if I block youtube.com domain. But interesting - when I blocked m.youtube.com, www.youtube.com and youtube.com via dnsbl, even my android TV did not play youtube, what is good as I will most likely want to block it as well.So for me the opened thing is "How to make dnsbl block the youtube domain only for certain IPs?" If somebody gives me a hint it would be great.
-
Use DNSBL
Set it for *YouTube.ComUse the alias pfB creates for a rule
For your hostsGo go scheduler set up one
Go back to the rule advanced and select that scheduler
Set a second rule without the schedule and pass
Go to advanced and set allow kill states when schedule expired
That should do the trick
Keep me posted
-
I have a vlan on my home network called “KidsZone”. In that vlan is a dns server(Adguard) From there I filter the content I want for the kids. In addition I have time based rules only for that vlan which cuts off the vlan to the internet after 10pm and enable after 7am.
I also do NAT reflection for dns so any connection to a dns server that isent my Adguard server goes back to Adguard.Pfsense can’t so url filtering in the flexible way you may want so it’s easier/cleaner if you put devices you want to control in their own vlan.
Firewall: NetGate 6100/7100U, Palo Alto
Routing: Juniper MX204 , Arista 7050X3
Switching: Juniper EX/QFX. Arista 7050SX
Wireless: Unifi, Aruba IAP -
@michmoor said in Ideas how to block certain webs (youtube) for kid's PC with possibility to enabling it for some hours.:
Pfsense can’t so url filtering in the flexible way you may want so it’s easier/cleaner if you put devices you want to control in their own vlan.
i get the approach and yes sounds familiar
but can u explain why pfS witch pfB & DNSBL can't realize URL filtering in the flexible way ...
I dont get it, maybe im looking at it wrongbr NP
-
another way is to use regex
as @Gertjan mentioned herelink -->
https://forum.netgate.com/topic/177672/url-blocking-by-keyword/7
-
@jimbo12 said in Ideas how to block certain webs (youtube) for kid's PC with possibility to enabling it for some hours.:
o they will be for instance able to use the youtube for 1 hour and then block again.
so far you got a pretty solid base on howto block certain things with certain methods usin pfB
only missing thing to fulfill your wish is howto time based rules
-
@noplan said in Ideas how to block certain webs (youtube) for kid's PC with possibility to enabling it for some hours.:
time based rules
configure your time range and add
looks like something like that
save
lets go build a firewall rule
but 1st set up an alias for all your kids devices if you have em put not togehter in a VLAN
then
Action= Pass
Source = ALIAS of your devices
DESTINATION = the pfB Alias pfB created
Fire and forget !
could be usefull but think about it carefull
if needed or not
**BUT IMPORTANT TO CHECK **
so that should do teh magic
have fun and keep us posted !
