How to deny access of facebook

cesjr

Hi ,does any one knows how to deny access of facebook , I can't figure out where is the configuration :'(
Any suggestion will be appreciated :)

Exolon

Install pfBlockerNG, then set up a block rule with something like:

http://bgp.he.net/search?search%5Bsearch%5D=facebook&commit=Search

muswellhillbilly

Alternately, install Squid/Squidguard or Squid/Dansguardian and set up a block rule there.

jds5

I haven't tried it, but off the top of my head you could add a DNS override for www.facebook.com to resolve to 127.0.0.1 or something like that.

2chemlud

..somethink like in the hosts file? Don't think this is easily done, or? An then they enter the IP and you'r lost again ;-)

shamuel_

I block by Rule using alias with all Facebook address.
I create the list using the AS Number.

You can get this list using whois:
whois -h whois.radb.net – '-i origin AS32934' | grep ^route

Before you could create a alias with this address an block the alias by Rule.

<alias><name>Facebook_ASN</name>

<address>204.15.20.0/22 69.63.176.0/20 66.220.144.0/20 66.220.144.0/21 69.63.184.0/21 69.63.176.0/21 74.119.76.0/22 69.171.255.0/24 173.252.64.0/18 69.171.224.0/19 69.171.224.0/20 103.4.96.0/22 69.63.176.0/24 173.252.64.0/19 173.252.70.0/24 31.13.64.0/18 31.13.24.0/21 66.220.152.0/21 66.220.159.0/24 69.171.239.0/24 69.171.240.0/20 31.13.64.0/19 31.13.64.0/24 31.13.65.0/24 31.13.67.0/24 31.13.68.0/24 31.13.69.0/24 31.13.70.0/24 31.13.71.0/24 31.13.72.0/24 31.13.73.0/24 31.13.74.0/24 31.13.75.0/24 31.13.76.0/24 31.13.77.0/24 31.13.96.0/19 31.13.66.0/24 173.252.96.0/19 69.63.178.0/24 31.13.78.0/24 31.13.79.0/24 31.13.80.0/24 31.13.82.0/24 31.13.83.0/24 31.13.84.0/24 31.13.85.0/24 31.13.86.0/24 31.13.87.0/24 31.13.88.0/24 31.13.89.0/24 31.13.90.0/24 31.13.91.0/24 31.13.92.0/24 31.13.93.0/24 31.13.94.0/24 31.13.95.0/24 69.171.253.0/24 69.63.186.0/24 31.13.81.0/24 179.60.192.0/22 179.60.192.0/24 179.60.193.0/24 179.60.194.0/24 179.60.195.0/24 185.60.216.0/22 45.64.40.0/22 185.60.216.0/24 185.60.217.0/24 185.60.218.0/24 185.60.219.0/24 129.134.0.0/16 157.240.0.0/16 204.15.20.0/22 69.63.176.0/20 69.63.176.0/21 69.63.184.0/21 66.220.144.0/20 69.63.176.0/20 2620:0:1c00::/40 2a03:2880::/32 2401:DB00::/32 2a03:2880:fffe::/48 2a03:2880:ffff::/48 2620:0:1cff::/48 2a03:2880:f000::/48 2a03:2880:f001::/48 2a03:2880:f002::/48 2a03:2880:f003::/48 2a03:2880:f004::/48 2a03:2880:f005::/48 2a03:2880:f006::/48 2a03:2880:f007::/48 2a03:2880:f008::/48 2a03:2880:f009::/48 2a03:2880:f00a::/48 2a03:2880:f00b::/48 2a03:2880:f00c::/48 2a03:2880:f00d::/48 2a03:2880:f00e::/48 2a03:2880:f00f::/48 2a03:2880:f010::/48 2a03:2880:f011::/48 2a03:2880:f012::/48 2a03:2880:f013::/48 2a03:2880:f014::/48 2a03:2880:f015::/48 2a03:2880:f016::/48 2a03:2880:f017::/48 2a03:2880:f018::/48 2a03:2880:f019::/48 2a03:2880:f01a::/48 2a03:2880:f01b::/48 2a03:2880:f01c::/48 2a03:2880:f01d::/48 2a03:2880:f01e::/48 2a03:2880:f01f::/48 2a03:2880:0000::/36 2a03:2880:1000::/36 2a03:2880:2000::/36 2a03:2880:3000::/36 2a03:2880:4000::/36 2a03:2880:5000::/36 2a03:2880:6000::/36 2a03:2880:7000::/36</address>

<type>network</type>
<detail></detail></alias>

BBcan177

You can actually do both… In Unbound or dnsmasq, create a Domain override. Also use pfBlockerNG to download the most recent IPs automatically daily/weekly as required. Hurricane Electric is a great source to collect IPs for almost any site.