Netgate SG-1000 microFirewall

Author Topic: How to block HTTPS Facebook and Youtube in a specific time and IP range??  (Read 160 times)

0 Members and 1 Guest are viewing this topic.

Offline pfnewbie02

  • Newbie
  • *
  • Posts: 5
  • Karma: +0/-0
    • View Profile
pfSense masters! can you teach me how to block HTTPS Facebook and Youtube in a specific  time and IP range? Or to block all HTTPS Facebook and Youtube traffic and specify only the allowed time for users to have access. Comments will be deeply appreciated. Thanks!

Offline ashima

  • Full Member
  • ***
  • Posts: 138
  • Karma: +2/-0
    • View Profile
Hi,

   You will have to install squid and squidguard.

Also to block https sites you have to enable SSL Filtering. Chose the option Splice whitelist and Bump otherwise. Create a whitelist of https site which you want to pass. Rest all will be bumped.

Hope this helps you.
Ashima

Offline pf$george

  • Newbie
  • *
  • Posts: 8
  • Karma: +0/-0
    • View Profile
Re: How to block HTTPS Facebook and Youtube in a specific time and IP range??
« Reply #2 on: February 01, 2018, 12:37:22 am »
Hi,

I was able to block those 2 sites without using any packages. Using only the firewall rules, you can achieve this.

What I did is, first identify those sites IP address ranges, you might find this part difficult.
But if you manage to collect and identify the correct IPs, you will get what you want. You may try to search 'ipinfo facebook'

Lets assume you already got the IPs, next you need to do is create an alias and add those IPs you just collected. Then next create a firewall rule on that interface and set it to block/reject, set protocol to tcp/udp or any, source ip to any and finally destination ip select single host or alias and input the alias name you just created.

You can also assign schedules by creating a schedule by going to Firewall > Schedule then after creating a schedule, go edit your firewall rule and go to advance options and look for 'schedule'

Note* blocking youtube using IP address might affect google, I just figured it out that there are times youtube and google has the same IP.


1. Login to pfSense
2. Firewall > Aliases
3. Firewall > Schedule
4. Firewall > Rules
------action: block
------protocol: any
------source ip: any
------destination ip: single host or alias (alias name)
------advance options: schedule

Offline pfnewbie02

  • Newbie
  • *
  • Posts: 5
  • Karma: +0/-0
    • View Profile
Re: How to block HTTPS Facebook and Youtube in a specific time and IP range??
« Reply #3 on: February 01, 2018, 01:15:23 am »
Hi,

I was able to block those 2 sites without using any packages. Using only the firewall rules, you can achieve this.

What I did is, first identify those sites IP address ranges, you might find this part difficult.
But if you manage to collect and identify the correct IPs, you will get what you want. You may try to search 'ipinfo facebook'

Lets assume you already got the IPs, next you need to do is create an alias and add those IPs you just collected. Then next create a firewall rule on that interface and set it to block/reject, set protocol to tcp/udp or any, source ip to any and finally destination ip select single host or alias and input the alias name you just created.

You can also assign schedules by creating a schedule by going to Firewall > Schedule then after creating a schedule, go edit your firewall rule and go to advance options and look for 'schedule'

Note* blocking youtube using IP address might affect google, I just figured it out that there are times youtube and google has the same IP.


1. Login to pfSense
2. Firewall > Aliases
3. Firewall > Schedule
4. Firewall > Rules
------action: block
------protocol: any
------source ip: any
------destination ip: single host or alias (alias name)
------advance options: schedule

Thank you for this! Will try this one if it is effective. Dont you have problems with youtube side? Some tell's that you might also block other google services when blocking youtube IPs.

Offline pfnewbie02

  • Newbie
  • *
  • Posts: 5
  • Karma: +0/-0
    • View Profile
Re: How to block HTTPS Facebook and Youtube in a specific time and IP range??
« Reply #4 on: February 01, 2018, 01:17:47 am »
@pf$george how did you get all IPs of Facebook? Did you list down all IP ranges stated in the https://ipinfo.io/AS32934 website?