Facebook blocking

Support
21

Great! Let us know of the outcome!

22

Hi Lewis,

I have blocked Facebook access for GREEN using the following settings.
It works with or without “Block HTTP and HTTPS ports” enabled.

But, with this configuration (“Transparent with SSL” with or without “Block HTTP and HTTPS ports” enabled), I have a problem regarding Google Translate (till now) but I’m sure may be and other dysfunctions regarding sites. I will open another post with this but I want you to know about that.

1_WebProxy.PNG1280×1024 83.5 KB

2_WebContentFilter.PNG1280×1024 76.5 KB

3_Facebook.PNG1280×1024 43.7 KB

1 Like
23

That’s a good FAQ! :slight_smile: Remind that with Transparent SSL you’re forced to install the certificate into your client

24

Hi Alessio,

You are right!

1_WebProxy2.PNG1279×1024 136 KB

25

@vhinzsanchez I have not tried his method, having problems understanding. How do I add all the IP/CIDR? It looks like I have to add one at a time in Firewall Objects>CIDR Subnets, once that done how do I link them all to a group?

@GG_jr gave you method a go, and it didnt work, dont know if I did something wrong.
How do i force my certificate to be installed, I have tried and having no luck. Using Firefox

26
  1. Remove from Firefox → Options → Advanced → Certificates → View Certificates, any certificate regarding NS.
  2. In NS GUI → Web Proxy: right click on “http://your_ip/proxy.crt” and “Open Link in New Tab”.
  3. Save the certificate.
  4. Import the certificate as Trusted Authorities.
  5. Restart Firefox (Optional).

1_Firefox Certificates.PNG1280×1024 88.5 KB

1 Like
27

Ehi man, those are good explanations! Please take some time to create a new page on our wiki :smile:

28

I found the problem:

Do not enable “Block porn sites by regular expressions on URL”.

If you want to block porn sites, choose from “Categories”.

With “Block porn sites by regular expressions on URL” enabled, also blocked and this:
http://docs.nethserver.org/en/latest/base_system.html?highlight=services#network-services

when I want to open from here:

Edit Filters.PNG1280×1024 96.2 KB

Deny.PNG1280×1024 49.1 KB

29

Another How To: Problem with ssl bump on Firefox 39+

TIP: If you have installed any AV that scan SSL, disable this option!

DO NOT SCAN SSL!.PNG1280×800 53.6 KB

30

Hi everybody,

Another TIP regarding blocking Facebook through Web proxy -> Transparent with SSL and Web filter:

If you want to access different media web sites who have “Comments” section made with “Facebook Comments Plugin”, you will not be able to see or access that section.

This is available for any other combination (Blocking Twitter and Twitter Plugin, …).

Kind regards,
Gabriel

0_FB blocked.PNG821×1024 121 KB

0_FB unblocked.PNG828×1024 132 KB

1 Like
31

Unfoturnatelly it is whole stystem blocking, but TS ask about how to block certain user. So only firewall rules.

32

Yes, but even those users will be not able to see that section.
Is the same thing but only for a few users. Or not?

33

the one way to resolve this problem (for me), was use the iptable:

iptables -I FORWARD -s 192.168.1.1 -p tcp --dport 443 -m string --string ‘facebook’ --algo bm -j DROP

Or other case, block all and allow some IP connect.
#Block all
iptables -I FORWARD -p tcp --dport 443 -m string --string ‘facebook’ --algo bm -j DROP
#Allow IP
iptables -I FORWARD -s 192.168.1.123 -p tcp --dport 443 -m string --string ‘facebook’ --algo bm -j ACCEPT

This way you keep using the transparent proxy without ssl.

Regards…