How to disable Dropbox LAN sync. on pfsense
-
Dear All,
i have around 80 machine on my network and the 80 doing sync for their data on dropbox ,
am just trying to stop these thing
what can i do using pfsense ?
thanks
-
The LAN sync traffic between boxes on your LAN subnet does not go through pfSense at all (unless you have multiple internal subnets) and the cloud sync traffic uses port 80 so it's hard to block (deliberately!).
Steve
-
I expect you can use the same strategy as discussed for FaceBook here: https://forum.pfsense.org/index.php/topic,69860.msg383922.html#msg383922
It seems that the magic "AS" number for DropBox is AS19679 - http://bgp.he.net/AS19679
and the actual IP subnets allocated - http://whois.arin.net/rest/org/DROPB/netsI imagine if you block all those destination addresses your users will be knobbled.
But, of course, if people can connect a VPN from their computer out to a VPN provider, then they can tunnel through and then out to DropBox (or whatever) via the VPN provider - it's a losing game really trying to block stuff.
-
Would the Policy rules of Snort Block this?
2012647 tcp $HOME_NET any $EXTERNAL_NET $HTTP_PO… ET POLICY Dropbox.com Offsite File Backup in Use
2012648 udp $HOME_NET 17500 any 17500 ET POLICY Dropbox Client Broadcasting
2804233 tcp $HOME_NET any $EXTERNAL_NET $HTTP_PO... ETPRO POLICY dl.dropbox Download
2014313 tcp $EXTERNAL_NET $HTTP_PO... $HOME_NET any ET POLICY Executable Download From DropBox
2017015 tcp $EXTERNAL_NET 443 $HOME_NET any ET POLICY DropBox User Content Access over SSL