I was trying to block facebook with firewall rule. it didnt work. Anyone can help ?
You can use OpenDNS for DNS with an account for your network to block the social media category
Bart...
thank you... ;D ;D ;D ;D
You can also do this locally if you use Unbound DNS. Once setup just go into the overrides and set the ip you want blocked to 0.0.0.0
This also allows you to use pretty much ANY DNS server out there to grab results. The bad thing is all someone has to do to bypass is change the DNS on their computer or device.
Quote from: NightShade on December 30, 2017, 04:44:42 AM
This also allows you to use pretty much ANY DNS server out there to grab results. The bad thing is all someone has to do to bypass is change the DNS on their computer or device.
no, a Port forward can prevent this (for example for LAN):
from any to ! LAN IP UDP/53 -> LAN IP 53
Quote from: bartjsmit on December 21, 2017, 06:06:50 PM
You can use OpenDNS for DNS with an account for your network to block the social media category
Bart...
Hi. OpenDNS might be quite alright to use, but it does Hi-jack your DNS queries to display adpages on domains not resolvable, so i have stopped recommend OpenDNS just because of this.
I wrote some IPS rules for this, they might get official after 18.1.
Quote from: Gargamel on January 09, 2018, 09:41:16 AM
Hi. OpenDNS might be quite alright to use, but it does Hi-jack your DNS queries to display adpages on domains not resolvable, so i have stopped recommend OpenDNS just because of this.
Hi Gargamel, when is the last time you've experienced the ads please? OpenDNS claims not to have done so for quite some years: https://umbrella.cisco.com/blog/2014/05/29/no-more-ads/ Just wondering if they have started doing this again.
Thanks,
Bart...
How about the Quad9 DNS server: https://arstechnica.com/information-technology/2017/11/new-quad9-dns-service-blocks-malicious-domains-for-everyone/
Quote from: phoenix on January 09, 2018, 06:34:58 PM
How about the Quad9 DNS server: https://arstechnica.com/information-technology/2017/11/new-quad9-dns-service-blocks-malicious-domains-for-everyone/
Much as I would like to agree with you that Facebook is malware, you're on your own here ;D
Bart...
Quote from: bartjsmit on January 09, 2018, 06:24:51 PM
Quote from: Gargamel on January 09, 2018, 09:41:16 AM
Hi. OpenDNS might be quite alright to use, but it does Hi-jack your DNS queries to display adpages on domains not resolvable, so i have stopped recommend OpenDNS just because of this.
Hi Gargamel, when is the last time you've experienced the ads please? OpenDNS claims not to have done so for quite some years: https://umbrella.cisco.com/blog/2014/05/29/no-more-ads/ Just wondering if they have started doing this again.
Thanks,
Bart...
'
Personally i havent used OpenDNS since they hijack dns querys, glad they stopped their ad-infestations.
My mom had OpenDNS in her router, many problems was solved by going back to ISP dns server a few weeks ago.