HOW TO SET URL BLOCKING RULES BASED ON TIME SCHEDULE? NEED HELP BADLY!

gabpirate

Hello guys, I am new to pfsense (26 hours since I first installed pfsense on my gateway server). I am having a problem on where to set a firewall rule where I can block certain websites (facebook.com) and set a time schedule for the rule to be active. For example, I want to block facebook from 8am to 12 pm then allow it during 12:01 to 12:59 then block it again from 1:00PM to 5:30PM then allow it onwards until 8am the following day. I would also like to have this rule specific only to IP Ranges on my LAN subnet.
For example:
192.168.0.2 to 50 –- exempted from this rule

192.168.0.51 to 100 ----- under this rule

Is this configuration possible? Your opinions are highly valued...Thanks!

marcelloc

create an alias called facebook and include apps.facebook.com
create an alias called blocked and include a network cidr or individial ips that you wanto to restrict internet
create a time schedules with your free hours
create a rule on lan before default rule denying access from blocked alias to facebook alias on free_hours_time_schedule

take a look on docs.pfsense.com to see how to create alias time schedules and rules.

gabpirate

hello sir, can you please elaborate on how to do this? I have tried everything including the proxy server and proxy filter but i just cant seem to make it work like what I wanted…any suggestions?

chpalmer

Heres a couple of screenshots I use to turn my kids machine off and 10:45PM

In the second picture you see the difference between clicking on the week name (which will go on month to month) and clicking the actual day of the week (which only works that one day that one month)

I dont use aliases yet (but Im gonna do Facebook real soon!)

Schedule1.JPG_thumb

Schedule2.JPG_thumb

gabpirate

how about blocking facebook sir? any hints?

chpalmer

In the second post down, follow what marcelloc outlined.

Alias's are found at /firewall_aliases.php

gabpirate

Sir in aliases…what will I place in types? i have tried URL but it throws an ERROR telling me that www.facebook.com is not a valid URL type...any idea on this?

chpalmer

Ive not done an alias yet but-

http://facebook.com
http://www.facebook.com
http://apps.facebook.com

gabpirate

actually i was able to follow marcelloc's guide but one thing i cannot understand is this part:

"create a rule on lan before default rule denying access from blocked alias to facebook alias on free_hours_time_schedule"

In my firewall rules page, i cannot see any option on where to add alias…

here are some screenies:

please clarify on these…thanks

Metu69salemi

Goto: (Firewall: Aliases)

dreamslacker

@ gabpirate
To use the Alias in the Firewall Rule go to:

Destination -> Type
Change to Single Host or Alias
In the Address box, type in the name of the Alias (It should auto-complete).