How to block YouTube in PFSense
-
I am going the DNS route. For now, the kids won't be able to change the dns server on their device… yet.
Thanks for the suggestions though.
-
@chhinfo hey brother need your help. i want to use scheduling on my pfsense. i want to block facebook, instagram, and youtube on a certain time and only they can access facebook, instagram and youtube for one hour and after that block again. I tried it but only facebook and instagram works, not youtube because of so many ip address they have. I tried also using squid, pfblocker, and openDNS, but the problem is, it will permanently block. Hope you can help me. Thanks
-
@chhinfo Hi! Yes I also very interested how you can block by schedule?
-
@chhinfo said in How to block YouTube in PFSense:
First of all thank to pFsense!
It's just perfect. Right now we have pFsense box hand dhcp to 15 UniFi router for our company! We just block Facebook & Youtube (Android App + iOS App)!
I use pFsense 2.2.6-RELEASE (amd64) (I am not sure about other newer version).1 - Firewall > Rules > (Interface You wanna block)
2 - Create Rule to allow the interface can talk to DNS:
(for Whom don't know how to create:
action = pass
TCP/IP Version = IPv4 _Protocol = tcp/udp
Source = Staff net {My interface name: Staff, you have your own}
Destination = Staff Address
Destination port = DNS 53
Check => Log packets that are handled by this rule)3 - Create Rule for Managers going to any where:
(for Whom don't know how to do:
=> Firewall > Aliases > add new Aliase:
Name = Managers
Hosts > Add new entry > 10.11.11.253 <= My Staff net = 10.11.11.0/24, and not surprisingly IP 253 is mine
=> Firewall > Rule:
action = pass
TCP/IP Version = IPv4
Protocol = tcp/udp
Source = Alias:Managers
Destination = Any
Destination port = Any
Check => Log packets that are handled by this rule)4 - Create Rule for blocking Facebook:
=> Firewall > Aliases > add new Aliase:
Name = facebookApp
Hosts > Bulk import from Aliases list > facebookApp.txt <= File in the attachment
=> Firewall > Rule:
action = block
TCP/IP Version = IPv4
Protocol = tcp/udp
Source = Staff net
Destination = Aliases: facebookApp
Destination port = Any
Check => Log packets that are handled by this rule)5 - Create Rule for Staffs accessing allowed Website
6 - Create Rule for Managers accessing Google: <= this is how youtube app got block
- My company not allowed Google Search for users, that why Managers group is the target.
=> Firewall > Traffic Shaper > Layer7 > Create new l7 rules group
Check = Enable/Disable layer7 Container
Name = youtubeBlock
Add entry = httpvideo > action = block
=> Firewall > Aliases > add new Aliase:
Name = googleApp
Hosts > Bulk import from Aliases list > googleApp.txt <= File in the attachment
=> Firewall > Rule:
action = block
TCP/IP Version = IPv4
Protocol = tcp/udp
Source = Aliases: Managers
Destination = Aliases: googleApp
Destination port = Any
Check => Log packets that are handled by this rule)
Advanced features = Layer7: youtubeBlock
7 - Create Rule to deny anything:
=> Firewall > Rule:
action = block
TCP/IP Version = IPv4
Protocol = tcp/udp
Source = any
Destination = any
Destination port = Any
Check => Log packets that are handled by this rule)8 - Test it on android and iOS
Good luck blocking youtube app @@
Hi where is can get facebookapp.txt and googleapp.txt?
Links doesnt work
Thanks - My company not allowed Google Search for users, that why Managers group is the target.
-
hi, @chhinfo could you please reattach the aliases for facebookApp.txt and googleApp.txt because link doesnt work.
thanks
-
@chhinfo
Thank you so much for your contribution in such detail.
Although I have not tried your presented solution but I understand that it would be quite helpful for a Novice user like me. Kindly re-attach your following files:
facebookApp.txt
googleApp.txt_Thank you once again.