Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Youtube Blocking in pfblocker via IP

    pfBlockerNG
    3
    8
    86
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • antgallaA
      antgalla
      last edited by

      Hi everyone,

      Im using pfBlockerNG/IP/IPv4 to block websites and add the website IP to IPv4 Custom_List to block website.

      But when im blocking youtube, the rule I created. The pfsense automatically include our ISP(please see attach img), so if the rule is active we can't use our internet.

      Any suggestion? appreciate your help.

      yt blocking.png

      GertjanG S antgallaA 3 Replies Last reply Reply Quote 0
      • GertjanG
        Gertjan @antgalla
        last edited by

        @antgalla

        The file used, 'pfB_Blocked_YT_v4', can be found (afaik) here /var/db/aliastables/
        Does that file include your WAN IP ?

        Not a real solution, more a workaround : what about a pass rule you create and place just above this pfB block rule so that it your WAN IP ?

        Btw : Youtube uses 2000+ IPv4's. So, this week, the set you've listed is activate, it will change (all the time) in a couple of days/weeks/months. Blocking the big players is (Microsoft, facebook, apple, google, etc) is close to mission impossible as they have hired all the greatest network administrators to make your live harder. Worse, block those sites and your network guests will just leave your network (and start dealing with SIM cards ^^).
        What will work is blocking all IPs that alphabet owns = block their ASN and then nothing will work anymore. Including www.google.com etc.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        antgallaA 1 Reply Last reply Reply Quote 0
        • S
          SteveITS Rebel Alliance @antgalla
          last edited by

          @antgalla We tried blocking YouTube for my son via ASN but could not get it to consistently block. We ended up using a View in unbound. To block for everyone you could set a domain override to nowhere. Remember to block DoH/DoT to force devices to use pfSense for DNS.

          Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
          When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
          Upvote πŸ‘ helpful posts!

          1 Reply Last reply Reply Quote 0
          • antgallaA
            antgalla @antgalla
            last edited by

            @Gertjan
            The file used, 'pfB_Blocked_YT_v4', can be found (afaik) here /var/db/aliastables/ - its working after I edit the file via vi!
            But when I reload the pfblockerNG/IP the problem returns😒

            1 Reply Last reply Reply Quote 0
            • antgallaA
              antgalla @Gertjan
              last edited by

              @SteveITS
              I need to block website with specific device only. I can't used domain overrides because its blocking all devices.πŸ˜•

              S antgallaA 2 Replies Last reply Reply Quote 0
              • S
                SteveITS Rebel Alliance @antgalla
                last edited by

                @antgalla I have excellent news for you. :) In DNS Resolver settings try:

                661a2e61-d7ce-4fb6-9813-07aeefbd9161-image.png

                Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
                When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
                Upvote πŸ‘ helpful posts!

                1 Reply Last reply Reply Quote 0
                • antgallaA
                  antgalla @antgalla
                  last edited by

                  @SteveITS
                  Niceee, I will try it later! Can I put alias instead of IP?

                  S 1 Reply Last reply Reply Quote 0
                  • S
                    SteveITS Rebel Alliance @antgalla
                    last edited by

                    @antgalla said in Youtube Blocking in pfblocker via IP:

                    @SteveITS
                    Niceee, I will try it later! Can I put alias instead of IP?

                    It’s raw unbound config so I doubt it knows about pfSense aliases.

                    Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
                    When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
                    Upvote πŸ‘ helpful posts!

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.