Filter out traffic to say facebook or netflix through different gateway



  • I'm currently able to only route different hosts originating from my network to different gateways, like say a range of LAN IP addresses to an OpenVPN client gateway.

    But how do I set up rules so that, say, only access to facebook goes through another VPN gateway?

    I tried doing a DNS Lookup for facebook, then adding that to an alias, and in the rules using "To: Alias facebook" with GW: VPN.

    It doesn't seem to work.



  • That should work in theory, but it can be hard in practice. Facebook has a ton of IP addresses, for example. Plus a lot of these types of services use regional content delivery networks (CDNs) that may not be part of their own IP space. Besides, what's the point of going through a VPN for Facebook??
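
The gap described in the reply above, as an added example that is not part of the original thread: it models a destination-alias rule and reports which flows meant for the VPN fall through to the default gateway. All addresses (RFC 5737 documentation ranges), hostnames and the gateway labels `VPN_GW`/`WAN_GW` are constructed assumptions.

```python
import ipaddress

# Alias contents frozen from one DNS lookup (constructed, RFC 5737 addresses).
ALIAS_ENTRIES = ["192.0.2.10", "192.0.2.11"]

# Constructed flows: (hostname the client resolved, destination IP it used).
FLOWS = [
    ("www.service.example", "192.0.2.10"),    # IP that is in the alias
    ("www.service.example", "198.51.100.7"),  # later lookup, different IP
    ("static.cdn.example", "203.0.113.44"),   # third-party CDN serving the site
    ("other.example", "203.0.113.80"),        # unrelated traffic
]

# Hostname suffixes whose traffic is supposed to use the VPN (hypothetical).
TUNNELED_SUFFIXES = ("service.example", "cdn.example")


def build_alias(entries):
    """Parse alias entries (single hosts or CIDR networks) into networks."""
    return [ipaddress.ip_network(e, strict=False) for e in entries]


def gateway_for(dst_ip, alias):
    """Model the rule: destination in alias -> VPN, anything else -> default."""
    addr = ipaddress.ip_address(dst_ip)
    return "VPN_GW" if any(addr in net for net in alias) else "WAN_GW"


def wants_tunnel(hostname):
    """True if the hostname belongs to a service the user wants tunneled."""
    return any(hostname == s or hostname.endswith("." + s)
               for s in TUNNELED_SUFFIXES)


def leaked_flows(flows, alias):
    """Flows that should use the VPN but match no alias entry."""
    return [(h, ip) for h, ip in flows
            if wants_tunnel(h) and gateway_for(ip, alias) == "WAN_GW"]


def coverage(flows, alias):
    """Return (flows sent to the VPN, flows that were supposed to be)."""
    wanted = [(h, ip) for h, ip in flows if wants_tunnel(h)]
    hit = [f for f in wanted if gateway_for(f[1], alias) == "VPN_GW"]
    return len(hit), len(wanted)


if __name__ == "__main__":
    alias = build_alias(ALIAS_ENTRIES)
    print("covered %d of %d wanted flows" % coverage(FLOWS, alias))
    for host, ip in leaked_flows(FLOWS, alias):
        print("leaks via default gateway:", host, ip)
```

Run against real firewall state or DNS logs instead of the constructed `FLOWS`, the same comparison shows how much of a service's traffic a static alias actually catches.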



  • NSA?

    I don't want any logs of anything, to facebook, to google, by my ISP or anyone else.  Who knows in 5 years from now, what kind of story they can make up from logs to facebook.com.



  • NSA probably has a direct pipe to all of the major services, whether the service knows it or not. Facebook is the antithesis of privacy. The closest thing you might get to privacy while using Facebook would be to use their onion address via Tor.