Need to block PSIPhon app



  • I have tried

    - Forced users to use my DNS server
      - Created rules to block VPN, IPSEC, PPTP, SSH and L2TP

    Any suggestions !!



  • To block an application, you need to determine at least one of the following:

    1. the server(s) the app talks to
    2. the port(s) the app uses to talk

    This app appears to use common web ports, so blocking that way isn't practical.  Next you try to see where this app tries to talk to and block all of those destination IPs.  You can't do it based on domain names because it most likely resolves to one of many different IP addresses, and DNS resolution doesn't happen in realtime for every domain requested.  SO you're left playing whack-a-mole with IP addresses.

    A better way would be to have a clear usage policy, and suspend any users caught breaking the policy.  Users can always find a way around filters.



  • you have to block DNS port 53
    this worked for me if you are blocking 80 and 443 as well
    https://doc.pfsense.org/index.php/Blocking_DNS_queries_to_external_resolvers



  • Can you support us of how to you do it because i try what are you say but it didnt work