Dear friends,
I have a problem: at my company I blocked facebook.com, but the users are accessing it over the HTTPS protocol. I blocked some of Facebook's IPs, but they have a lot of IPs. Please, how do I block Facebook on the HTTPS protocol?
Many thanks
Responses (34)
Accepted Answer
Hi,
I failed to block it using the Content Filter, but I tried an alternate method and succeeded for the terminal server. I just redirected facebook.com to google.com, so whenever users try to access facebook.com (whether http or https), the system automatically redirects them to google.com.
If we disable the content filter, we cannot restrict users from accessing unwanted sites. -
Accepted Answer
Try adding this line to /etc/hosts:
173.194.70.102 facebook.com
Restart Dnsmasq:
service dnsmasq restart
and (optionally) flush DNS Cache on clients
On Windows OS (with admin rights):
ipconfig /flushdns
That IP belongs to Google. So if your users type facebook.com in the browser, they will be redirected to Google.com. -
Accepted Answer
Use this script in the cron schedule and set it to run at an interval of minutes.
It follows below:
#!/bin/bash
#
# CLEAR THE ip_facebook FILE  EDIT: I thought it better to keep this list for longer
#echo "" > ip_facebook
# CAPTURE FACEBOOK'S IPs
host www.facebook.com >> /tmp/host_facebook
## REGULAR EXPRESSION TO CAPTURE ONLY THE IPs FROM THE host_facebook FILE
sed -n 's/\([0-9]\{1,3\}\.\)\{3\}[0-9]\{1,3\}/\nip&\n/gp' /tmp/host_facebook | grep ip | sed 's/ip//' | sort | uniq >> /tmp/ip_facebook
## CONDITIONAL RULE TO BLOCK THE IPs
for ip in $(cat /tmp/ip_facebook); do
    # add the DROP rule only if this exact IP is not already in the FORWARD chain
    # (-w -F avoids 1.2.3.4 matching inside 1.2.3.45 or the dots acting as wildcards)
    if ! iptables -n -L FORWARD | grep -qwF -- "$ip"; then
        iptables -I FORWARD -s "$ip" -j DROP
    fi
done
-
Accepted Answer
Hi all,
I am also making changes in the squid.conf file, but it doesn't work.
my setup is
acl special_clients src "/etc/squid/special_client_ips.txt"
acl facebook dstdomain .facebook.com
Under http access
http_access allow facebook special_clients
http_access deny facebook
http_access allow all
service squid restart
Please help me sort out this issue.
Thanks,
Karniv Patel -
Accepted Answer
Hello to all,
Please help me to sort out in this issue.
I want to block social networking sites like Facebook, YouTube, etc.
My setup is:
1)
Gateway---Web Proxy----Setting
Transparent Mode---Disabled
User Authentication--- Enabled
I also added all useful sites in Content Filter-----Exception Sites
But it's not working.
2)
I am also making changes in the /etc/squid/squid.conf file
acl special_clients src "/etc/squid/special_client_ips.txt"
acl facebook dstdomain .facebook.com
Under http access
http_access allow facebook special_clients
http_access deny facebook
http_access allow all
service squid restart
But it doesn't work.
3)
I have also configured the Egress firewall, but it blocks all HTTPS (443) traffic, and I want to allow some HTTPS sites.
How is that possible?
Am I missing anything? Is there any configuration problem? Please let me know.
Any help would be appreciated.
Thanks in advance,
Karniv Patel -
Accepted Answer
Blocking IPs is very problematic because of cloud hosting nowadays. Try doing this in your squid.conf: /etc/squid/squid.conf
You cannot be running transparent proxy. No firewall is needed on the ClearOS for this to work.
# no SSL sites
acl no_ssl_sites dstdomain .craigslist.org
or place all your banned ssl sites in a file like this: acl no_ssl_sites dstdomain "/etc/squid/blacklist/noSSLsites"
acl unsafe_ports port 443
http_access deny no_ssl_sites unsafe_ports
The result is that [http://craigslist.org] will be filtered and [https://craigslist.org] will be blocked. -
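How the http_access rules in the two squid.conf posts above are evaluated, as an added example that is not from any post in this thread and is not Squid's code. It is a simplified model (ACLs on one line are ANDed, the first matching line decides); the client IPs, the inline src value used in place of the special_client_ips.txt file, and the function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample: the rules quoted in the posts, with an inline src address
SAMPLE_CONF = """
acl special_clients src 192.168.1.10
acl facebook dstdomain .facebook.com
acl no_ssl_sites dstdomain .craigslist.org
acl unsafe_ports port 443
http_access deny no_ssl_sites unsafe_ports
http_access allow facebook special_clients
http_access deny facebook
http_access allow all
"""

def parse_rules(conf):
    """Collect acl definitions and the ordered http_access lines."""
    acls, rules = {}, []
    for line in conf.splitlines():
        tok = line.split("#")[0].split()
        if len(tok) >= 4 and tok[0] == "acl":
            acls.setdefault(tok[1], (tok[2], []))[1].extend(tok[3:])
        elif len(tok) >= 3 and tok[0] == "http_access":
            rules.append((tok[1], tok[2:]))
    return acls, rules

def acl_matches(acl, req):
    kind, values = acl
    if kind == "dstdomain":   # ".example.com" covers the domain and its subdomains
        host = req["host"].lower()
        return any(host == v.lstrip(".") or (v.startswith(".") and host.endswith(v))
                   for v in values)
    if kind == "port":
        return str(req["port"]) in values
    if kind == "src":
        src = ipaddress.ip_address(req["src"])
        return any(src in ipaddress.ip_network(v) for v in values)
    return False

def decide(conf, req):
    """Return 'allow' or 'deny' for a request the proxy can see the hostname of."""
    acls, rules = parse_rules(conf)
    for action, names in rules:
        if all(n == "all" or (n in acls and acl_matches(acls[n], req)) for n in names):
            return action
    return "deny"   # model simplification: no matching line is treated as deny

if __name__ == "__main__":
    print(decide(SAMPLE_CONF, {"host": "craigslist.org", "port": 443, "src": "192.168.1.50"}))
```

The model only applies when the proxy actually receives the destination hostname, which is why the answer above requires non-transparent mode.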
Accepted Answer
Try using the incoming firewall:
Blocked Incoming Connections-> Add
nickname - www.facebook.com
host - www.facebook.com -
Accepted Answer
There are two ways to block Facebook on ClearOS.
You either need to use non-transparent mode proxy, or you need to filter on DNS (it's best to implement both if you can).
You can read more about that here. -
Accepted Answer
Santosh pattanaik wrote:
Dear ClearOS support team, please help us block the Facebook & YouTube sites.
We are thankful to the developers.
This is an old thread, but it has come up twice in the last week via customers. You can now use the Application Filter (beta) to block YouTube and Facebook, even if your web proxy is running in transparent mode. How? The Application Filter is able to deconstruct the HTTPS/SSL certificates in the brief moment in time when traffic between the web browser and server is not yet encrypted. More information here:
- User Guide
- Application Details -
Accepted Answer
You can also load redwood into ClearOS. Hopefully they will natively support it soon. It replaces both squid and dansguardian; it is a similar alternative to dansguardian, only it's more powerful. It examines HTTPS, so you can handle all HTTPS traffic the way you were used to handling HTTP.
It can be downloaded here: https://github.com/andybalholm/redwood
The community version doesn't have a GUI. If you want a GUI, you need to contact Compass Foundation 855-530-8090
Note: I am not an associate of Compass Foundation but I do buy from them. -
Accepted Answer
H.323 wrote:
You can also load redwood into ClearOS. Hopefully they will natively support it soon.
I don't have an ETA, but I believe it's coming. I have tried Redwood on my home system and it's great... definitely recommended!
Just to clarify, Netify does not decrypt SSL traffic (which requires allowing forged SSL certificates on client systems). Instead, the Netify engine uses deep packet inspection techniques to deconstruct SSL certificates early in the HTTPS conversation. Privacy and security are important to Netify, so we do not poke into the content or payload of traffic. Netify identifies:
- the web/app in use e.g. Facebook
- the local MAC/IP address
- the remote IP address (with Geolocation and Malware details)
- bandwidth over time
- protocol (HTTPS, Bittorrent, etc)
- DNS/hostname information
- and some other networking tidbits
... but no payload information! With Netify, a secure connection to your online bank is still a secure connection to your online bank. -
Accepted Answer
I installed the Netify Application Filter and added Facebook to the "Blocked Applications" list.
I am still able to access Facebook. I tried stopping and starting the Application Filter but nothing changed. So I added Twitter to the list and am getting the same results. What am I doing wrong? -
Accepted Answer
David O'Donnell wrote:
I installed the Netify Application Filter and added Facebook to the "Blocked Applications" list.
I am still able to access Facebook. I tried stopping and starting the Application Filter but nothing changed. So I added Twitter to the list and am getting the same results. What am I doing wrong?
Are you able to block other applications? I can see that there have been some recent discussions about Facebook and deep packet inspection, so this might be a Facebook-only issue. -
Accepted Answer
I have found the most effective way to do this is via DNS (dnsmasq)
Add the lines below to /etc/dnsmasq.conf
address=/encrypted.google.com/127.0.0.1
address=/facebook.com/127.0.0.1
address=/twitter.com/127.0.0.1
address=/plus.google.com/127.0.0.1
address=/youtube.com/127.0.0.1
address=/instagram.com/127.0.0.1
address=/itunes.apple.com/127.0.0.1
One of the reasons this is better for me is that I want to only block these sites during the working day. Using cron they are unblocked at 5pm
You also have to ensure that the COS gateway provides all DNS answers -
Accepted Answer
David O'Donnell wrote:
Yes, I tried checking 6 others, none of the sites get blocked.
I wonder if you have the bleeding edge version of Netify? If you are familiar with the command line environment, check the netifyd version with:
rpm -q netifyd
It should be version 1.1-8. If it's a higher version, then the Application Filter and Protocol Filter apps won't work. -
Accepted Answer
Peter Baldwin wrote:
I wonder if you have the bleeding edge version of Netify? If you are familiar with the command line environment, check the netifyd version with:
rpm -q netifyd
It should be version 1.1-8. If it's a higher version, then the Application Filter and Protocol Filter apps won't work.
Hello Peter,
This is what I get with that command:
netifyd-1.1-8.v7.x86_64 -
Accepted Answer
David O'Donnell wrote:
This is what I get with that command:
netifyd-1.1-8.v7.x86_64
I'm stumped! I'll have to pass this on to our network guru. Would it be possible to get remote access to your system? If so, please submit your hostname and system password to https://secure.clearcenter.com/portal/system_password.jsp and we'll get it resolved. -
Accepted Answer
Peter Baldwin wrote:
I'm stumped! I'll have to pass this on to our network guru. Would it be possible to get remote access to your system? If so, please submit your hostname and system password to https://secure.clearcenter.com/portal/system_password.jsp and we'll get it resolved.
Hello Peter,
I have created the support ticket with the login info. The ticket ID is 551809. Thanks! -
Accepted Answer
Hi all,
Thanks for the remote access. One thing that I noticed this morning is that the firewall hook for Netify isn't always configured - here's a related tracker item: https://github.com/eglooca/app-netify-fwa/issues/3 . After adding your first application or protocol, you need to stop/start the service (the button on the right side of the web page) or manually restart the firewall from the command line: service firewall restart
Note: you don't need to do this after adding the first rule. -
Accepted Answer
The Netify Application Filter finally started working today!
Last night, our ISP required us to change our WAN IP, Default Gateway and Subnet Mask. While I was at it, I also changed to their Primary and Secondary DNS servers.
I rebooted the server last night, and now it works. Maybe changing the DNS servers fixed it? Or the reboot?