Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Https://www.facebook .com is working even i blocked facebook by proxy filtering

    Scheduled Pinned Locked Moved Off-Topic & Non-Support Discussion
    9 Posts 5 Posters 20.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      aby
      last edited by

      https://www.facebook .com is working even i blocked facebook by proxy filtering.what should i do to block this??/

      1 Reply Last reply Reply Quote 0
      • D
        dhatz
        last edited by

        Put the IP ranges of Facebook e.g.

        66.220.144.0/21 Facebook, Inc.
        66.220.152.0/21 Facebook, Inc.
        69.63.176.0/21 Facebook, Inc.
        69.63.184.0/21 Facebook, Inc.
        69.171.224.0/20 Facebook, Inc.
        69.171.239.0/24 Facebook, Inc.
        69.171.240.0/20 Facebook, Inc.

        in a pfsense Alias e.g. FBNets, and then add a firewall rule to block traffic to FBNets for ports 80 & 443.

        1 Reply Last reply Reply Quote 0
        • Cry HavokC
          Cry Havok
          last edited by

          Are you forcing people to use the proxy? How have you blocked Facebook?

          1 Reply Last reply Reply Quote 0
          • M
            Metu69salemi
            last edited by

            You can't proxy https trafic so you have to use aliases as dhatz sayed

            1 Reply Last reply Reply Quote 0
            • Cry HavokC
              Cry Havok
              last edited by

              You can proxy HTTPS traffic (using the CONNECT method), but the proxy only gets to know the hostname being connected to. This means that, if correctly configured, you can block HTTPS traffic.

              1 Reply Last reply Reply Quote 0
              • M
                Metu69salemi
                last edited by

                @Cry:

                You can proxy HTTPS traffic (using the CONNECT method), but the proxy only gets to know the hostname being connected to. This means that, if correctly configured, you can block HTTPS traffic.

                Ok this was new to me, so i'll check this little further when i got some time

                1 Reply Last reply Reply Quote 0
                • Cry HavokC
                  Cry Havok
                  last edited by

                  If you think about it, how else could you configure a proxy for use in your browser (check it's settings)?

                  1 Reply Last reply Reply Quote 0
                  • A
                    aby
                    last edited by

                    can any one tell me how to make this stuff using aliases????

                    1 Reply Last reply Reply Quote 0
                    • F
                      fluca1978
                      last edited by

                      Doing aliases you have to create a new alias, of type net, add all the hosts and their ips and then place a rule in the LAN to block traffic to that alias.
                      This is useful also to avoid people being blocked from the proxy but being able to use the chat or other applications.

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.