Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How do I block YouTube for a particular user

    Firewalling
    2
    4
    7162
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Z
      znelbok
      last edited by

      Hi all

      I use pfsense as a firewall router at home.  I don't have a lot of experience with it

      other than basic firewall rules.

      My son has a habit of using YouTube and wasting all our bandwidth (the very small amount that we have).  After being shaped again this month enough is enough and I want to block his access to youtube.

      I know youtube has a block of IP's, so I can;t just add a basic rule in the firewall.

      how do I block him with pfsense?

      Can I block him during specific hours if desired?

      Thanks

      Mick

      1 Reply Last reply Reply Quote 0
      • M
        mendilli
        last edited by

        use non transparent proxy with local authentication and wpad/pac, so you can block any site to any user with suquidguard

        1 Reply Last reply Reply Quote 0
        • Z
          znelbok
          last edited by

          As stated I am lacking in experience with pfsense so bear with me.

          I assume you mean squidguard and not suquidguard.

          I think you are trying to say run a proxy server that required the user to log in to to allow access and then rules within the proxy would prevent access to the sites I deem as not requried.

          I have no ideal what wpad/pac is so I will have to go do some reading.

          Thanks

          1 Reply Last reply Reply Quote 0
          • M
            mendilli
            last edited by

            if you do not want to use a proxy you must use static ip (assign specific ip to your son's pc-mac) and find all ips used by youtube and create an alias for them, next create a schedule within firewall menu then block connections to that alias from your son's ip within that time scedule using a firewall rule

            but in this case if your son use a proxy(a free proxy via browser settings) request will direct to the proxy so your firewall can not detect the youtube connection and allow it, https/ssl is another problem also

            best way is
            -use squid non transparent with authentication
            -with firewall rules allow only squid proxy and block any other connections
            -use wpad/pac for automatic proxy dedection or manually set proxy for your pcs with browser configuration
            -use squidguard to block your son with time shedules

            this way he can not use external proxy servers, and via non transparet squid you can even block https domain connections

            wpad/pac is a file system containg three files created in /usr/local/www directory named wpad.dat, wpad.da and proxy.pac
            browsers when set to autodedect proxy looks for theese files and gets the proxy information from theese files.you can find further info about it at:
            https://doc.pfsense.org/index.php/WPAD_Autoconfigure_for_Squid

            1 Reply Last reply Reply Quote 0
            • First post
              Last post