Netflix - Need help on how to block Netflix in a work environment

hjint · November 15, 2018, 10:50:51 AM

I'm using OpnSense 18.7.7 in a work environment and trying to block access to Netflix, but no success

Steps followed
1. Created an Alias for www.netflix.com (pfTables updated with addresses)
2. Created Block rule on LAN - Source : any; Destination : Netflix Alias
3. Created Block rule on WAN - Source : Netflix Alias; Destination : any
4. Both rules sit at the top of the rule list
5. Added *.netflix.* to Forward Proxy ACL Blacklist
6. Google is not listed in the SSL No Bump Sites

Despite these, Netflix is not blocked

Any ideas or comments will be appreciated on how to block Netflix or if there are errors in the rules.

Update I have created an alias for a website http://www.6mmbr.com as a test and then created the same rules upto point 4 as above and I can't get OpnSense to block the website, have switched the source and destinations around, still no luck.

mrkev · November 15, 2018, 02:20:00 PM

How have you formatted the rule from the LAN side to block netflix? Are you using IP addresses? Netflix have a lot of IP ranges that they may use so it could be quite a big alias:

https://ipinfo.io/AS2906

hjint · November 19, 2018, 07:27:12 AM

The pfTable for the Netflix alias only reflects 16 IP addresses

Netflix - Need help on how to block Netflix in a work environment

hjint

November 15, 2018, 10:50:51 AM Last Edit: November 15, 2018, 11:01:58 AM by hjint

mrkev

November 15, 2018, 02:20:00 PM #1

hjint

November 19, 2018, 07:27:12 AM #2