• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

How do I block YouTube for a particular user

Scheduled Pinned Locked Moved Firewalling
4 Posts 2 Posters 7.4k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • Z
    znelbok
    last edited by Oct 25, 2013, 9:04 AM Oct 25, 2013, 8:51 AM

    Hi all

    I use pfsense as a firewall router at home.  I don't have a lot of experience with it

    other than basic firewall rules.

    My son has a habit of using YouTube and wasting all our bandwidth (the very small amount that we have).  After being shaped again this month enough is enough and I want to block his access to youtube.

    I know youtube has a block of IP's, so I can;t just add a basic rule in the firewall.

    how do I block him with pfsense?

    Can I block him during specific hours if desired?

    Thanks

    Mick

    1 Reply Last reply Reply Quote 0
    • M
      mendilli
      last edited by Oct 25, 2013, 9:11 AM

      use non transparent proxy with local authentication and wpad/pac, so you can block any site to any user with suquidguard

      1 Reply Last reply Reply Quote 0
      • Z
        znelbok
        last edited by Oct 25, 2013, 10:58 AM

        As stated I am lacking in experience with pfsense so bear with me.

        I assume you mean squidguard and not suquidguard.

        I think you are trying to say run a proxy server that required the user to log in to to allow access and then rules within the proxy would prevent access to the sites I deem as not requried.

        I have no ideal what wpad/pac is so I will have to go do some reading.

        Thanks

        1 Reply Last reply Reply Quote 0
        • M
          mendilli
          last edited by Oct 25, 2013, 12:33 PM Oct 25, 2013, 12:16 PM

          if you do not want to use a proxy you must use static ip (assign specific ip to your son's pc-mac) and find all ips used by youtube and create an alias for them, next create a schedule within firewall menu then block connections to that alias from your son's ip within that time scedule using a firewall rule

          but in this case if your son use a proxy(a free proxy via browser settings) request will direct to the proxy so your firewall can not detect the youtube connection and allow it, https/ssl is another problem also

          best way is
          -use squid non transparent with authentication
          -with firewall rules allow only squid proxy and block any other connections
          -use wpad/pac for automatic proxy dedection or manually set proxy for your pcs with browser configuration
          -use squidguard to block your son with time shedules

          this way he can not use external proxy servers, and via non transparet squid you can even block https domain connections

          wpad/pac is a file system containg three files created in /usr/local/www directory named wpad.dat, wpad.da and proxy.pac
          browsers when set to autodedect proxy looks for theese files and gets the proxy information from theese files.you can find further info about it at:
          https://doc.pfsense.org/index.php/WPAD_Autoconfigure_for_Squid

          1 Reply Last reply Reply Quote 0
          1 out of 4
          • First post
            1/4
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
            This community forum collects and processes your personal information.
            consent.not_received