Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
[SOLVED] Block Facebook with OPNsense
« previous
next »
Print
Pages: [
1
]
Author
Topic: [SOLVED] Block Facebook with OPNsense (Read 18542 times)
klausneil
Jr. Member
Posts: 73
Karma: 4
[SOLVED] Block Facebook with OPNsense
«
on:
March 29, 2016, 10:10:17 pm »
Hi, anybody tell me how i can deny or block page facebook.com but by https, i try configure DNS Resolver-Overrides and i configure the domain facebook.com with 127.0.0.1 but i cant deny the page. Please help me.
«
Last Edit: April 01, 2016, 07:49:25 pm by klausneil
»
Logged
klausneil
Jr. Member
Posts: 73
Karma: 4
Re: Block Facebook with OPNsense
«
Reply #1 on:
March 30, 2016, 05:10:48 am »
Well i find one solution is this:
Firewall -> Aliases -> All
Add new alias
Name: facebook
Description: Social Network 1
Type: Host(s)
Host(s):
www.facebook.com
And add other line in the same rule
Name: facebook
Description: Social Network 1
Type: Host(s)
Host(s): es-la.facebook.com
Save
Now add a new firewall rule
Firewall -> Rules -> LAN -> add new rule
Action: Block
Protocol: TCP/UDP
Destination: facebook
Description: Social Network 1
Save
Well this is all, bye!!
Logged
phoenix
Hero Member
Posts: 545
Karma: 58
Re: [SOLVED] Block Facebook with OPNsense
«
Reply #2 on:
March 30, 2016, 09:32:39 am »
You can also block it by SSL Certificates, take a look at this page in the Documentation:
https://docs.opnsense.org/manual/how-tos/ips-sslfingerprint.html
Logged
Regards
Bill
klausneil
Jr. Member
Posts: 73
Karma: 4
Re: [SOLVED] Block Facebook with OPNsense
«
Reply #3 on:
March 31, 2016, 03:29:20 am »
Hi phoenix thanks
«
Last Edit: April 02, 2016, 12:06:12 am by klausneil
»
Logged
macgvr
Newbie
Posts: 13
Karma: 1
Re: Block Facebook with OPNsense
«
Reply #4 on:
March 31, 2016, 04:11:30 pm »
There is another interesting way to block such traffic. If your network uses an internal DNS server that gets handed out by DHCP then you can add an entry to the DNS server that points facebook.com, or other, to 127.0.0.1. The page will not load and they get a standard, failed to connect, error or a failed security certificate error. This works regardless of whether you are setup to examine SSH traffic or not. The page has to be resolved by DNS first and this causes it to resolve to a non-working address.
Logged
franco
Administrator
Hero Member
Posts: 17665
Karma: 1611
Re: Block Facebook with OPNsense
«
Reply #5 on:
March 31, 2016, 07:13:29 pm »
Right, or use "Services: DNS Tools: Filter" coupled with a OpenDNS account for maximum effect.
Logged
Bonesy
Newbie
Posts: 1
Karma: 0
Re: [SOLVED] Block Facebook with OPNsense
«
Reply #6 on:
March 02, 2022, 11:54:02 am »
I've tried using these suggestions but without any success.
create alias and rule to block facebook: Check
use dns override to steer to 127.0.0.1: Check
use certificate to block facebook: Check
can anyone help? i'm using a 2 vms for opnsense and kali. have LAN connection between both, with opnsense in WAN and kali in LAN. I can block unpopular sites but cant block facebook.
Logged
Its me, Jon
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
[SOLVED] Block Facebook with OPNsense