• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

How to disable Dropbox LAN sync. on pfsense

Scheduled Pinned Locked Moved General pfSense Questions
4 Posts 4 Posters 2.6k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • M
    mohdsh85
    last edited by Feb 6, 2014, 8:31 AM

    Dear All,

    i have around 80 machine on my network and the 80 doing sync for their data on dropbox ,

    am just trying to stop these thing

    what can i do using pfsense ?

    thanks

    1 Reply Last reply Reply Quote 0
    • S
      stephenw10 Netgate Administrator
      last edited by Feb 6, 2014, 1:29 PM

      The LAN sync traffic between boxes on your LAN subnet does not go through pfSense at all (unless you have multiple internal subnets) and the cloud sync traffic uses port 80 so it's hard to block (deliberately!).

      Steve

      1 Reply Last reply Reply Quote 0
      • P
        phil.davis
        last edited by Feb 6, 2014, 3:08 PM

        I expect you can use the same strategy as discussed for FaceBook here: https://forum.pfsense.org/index.php/topic,69860.msg383922.html#msg383922

        It seems that the magic "AS" number for DropBox is AS19679 -  http://bgp.he.net/AS19679
        and the actual IP subnets allocated - http://whois.arin.net/rest/org/DROPB/nets

        I imagine if you block all those destination addresses your users will be knobbled.

        But, of course, if people can connect a VPN from their computer out to a VPN provider, then they can tunnel through and then out to DropBox (or whatever) via the VPN provider - it's a losing game really trying to block stuff.

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • B
          BBcan177 Moderator
          last edited by Feb 6, 2014, 11:17 PM

          Would the Policy rules of Snort Block this?

          2012647 tcp $HOME_NET any $EXTERNAL_NET $HTTP_PO… ET POLICY Dropbox.com Offsite File Backup in Use
          2012648 udp $HOME_NET 17500 any 17500                         ET POLICY Dropbox Client Broadcasting
          2804233 tcp $HOME_NET any $EXTERNAL_NET $HTTP_PO... ETPRO POLICY dl.dropbox Download
          2014313 tcp $EXTERNAL_NET $HTTP_PO... $HOME_NET any ET POLICY Executable Download From DropBox
          2017015 tcp $EXTERNAL_NET 443 $HOME_NET any ET POLICY DropBox User Content Access over SSL

          "Experience is something you don't get until just after you need it."

          Website: http://pfBlockerNG.com
          Twitter: @BBcan177  #pfBlockerNG
          Reddit: https://www.reddit.com/r/pfBlockerNG/new/

          1 Reply Last reply Reply Quote 0
          2 out of 4
          • First post
            2/4
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
            This community forum collects and processes your personal information.
            consent.not_received