How to block a domain instead of an IP range?
-
Hi all,
Can any one help me with this issue? I need to block www.facebook.com with its domain name not the IP range.
I don't want to have transparent squid in my office though.
Please let know if there a way to block a domain with pfsense 1.2
btw is it possible to do it with Snort, if so how?Thanks!
Manjula -
you can do that by using squid guard.
its fairly simple -
As I mention we don't like to use a proxy in my office. But we need to block Facebook.com during office hours. Facebook uses no of ips and random DNS I guess. Any idea how to do this?
Thanks! -
That is what i tried to said, SquidGaurd is a package in pfsense itself , thorugh which you can blacklist a domain.
-
if you want to block an entire domain… just create the file /usr/local/etc/dnsmasq.conf
in that file add: address=/www.myspace.com/127.0.0.1
Now anyone who tries to connect to "www.myspace.com" will just connect back to their own system, as long as your pfsense ip is their DNS Server IP.
I made a package called "DNS Blacklist" to do this sort of thing. You can check it out if you like.
-
You can also admin this from the gui I found out–
if you look on the page for the DNS forwarder, the bottom has a spot:
Below you can override an entire domain by specifying an authoritative dns server to be queried for that domain.
add your domain there.