blocking websites without squid

Started by microit001, December 21, 2017, 03:39:53 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
December 21, 2017, 03:39:53 AM
I was trying to block facebook with firewall rule. it didnt work. Anyone can help ?
December 21, 2017, 06:06:50 PM #1
You can use OpenDNS for DNS with an account for your network to block the social media category

Bart...
December 28, 2017, 05:11:19 AM #2
thank you...  ;D ;D ;D ;D
December 30, 2017, 04:44:42 AM #3
You can also do this locally if you use Unbound DNS.  Once setup just go into the overrides and set the ip you want blocked to 0.0.0.0

This also allows you to use pretty much ANY DNS server out there to grab results.  The bad thing is all someone has to do to bypass is change the DNS on their computer or device.
December 30, 2017, 09:17:23 AM #4
Quote from: NightShade on December 30, 2017, 04:44:42 AM
This also allows you to use pretty much ANY DNS server out there to grab results.  The bad thing is all someone has to do to bypass is change the DNS on their computer or device.
no, a Port forward can prevent this (for example for LAN):
from any to ! LAN IP UDP/53 -> LAN IP 53
January 09, 2018, 09:41:16 AM #5
Quote from: bartjsmit on December 21, 2017, 06:06:50 PM
You can use OpenDNS for DNS with an account for your network to block the social media category

Bart...
Hi. OpenDNS might be quite alright to use, but it does Hi-jack your DNS queries to display adpages on domains not resolvable, so i have stopped recommend OpenDNS just because of this.
January 09, 2018, 12:22:50 PM #6
I wrote some IPS rules for this, they might get official after 18.1.
January 09, 2018, 06:24:51 PM #7
Quote from: Gargamel on January 09, 2018, 09:41:16 AM
Hi. OpenDNS might be quite alright to use, but it does Hi-jack your DNS queries to display adpages on domains not resolvable, so i have stopped recommend OpenDNS just because of this.

Hi Gargamel, when is the last time you've experienced the ads please? OpenDNS claims not to have done so for quite some years: https://umbrella.cisco.com/blog/2014/05/29/no-more-ads/ Just wondering if they have started doing this again.

Thanks,

Bart...
January 09, 2018, 06:34:58 PM #8
Regards


Bill
January 09, 2018, 08:21:37 PM #9
Quote from: phoenix on January 09, 2018, 06:34:58 PM
How about the Quad9 DNS server: https://arstechnica.com/information-technology/2017/11/new-quad9-dns-service-blocks-malicious-domains-for-everyone/

Much as I would like to agree with you that Facebook is malware, you're on your own here  ;D

Bart...
January 10, 2018, 08:19:10 AM #10
Quote from: bartjsmit on January 09, 2018, 06:24:51 PM
Quote from: Gargamel on January 09, 2018, 09:41:16 AM
Hi. OpenDNS might be quite alright to use, but it does Hi-jack your DNS queries to display adpages on domains not resolvable, so i have stopped recommend OpenDNS just because of this.

Hi Gargamel, when is the last time you've experienced the ads please? OpenDNS claims not to have done so for quite some years: https://umbrella.cisco.com/blog/2014/05/29/no-more-ads/ Just wondering if they have started doing this again.

Thanks,

Bart...
'

Personally i havent used OpenDNS since they hijack dns querys, glad they stopped their ad-infestations.

My mom had OpenDNS in her router, many problems was solved by going back to ISP dns server a few weeks ago.
Print
Go Up Pages1
User actions