How to use firewall to block specific sites and games?


(jayay) #1

I created a service named “youtube” in the firewall objects…

Then in the firewall rules. I create a rule for youtube’'UDP port 443.

I chose the action “Reject” but still I can access the youtube. I also tried “Drop” but still nothing happens. Can someone please help me or clarify how to properly block a site/games/downloads using firewall rules in the nethserver. Thank you…


(Ralf Jeckel) #2

Please have a look at nDPI-feature of nethserver-firewall:
http://docs.nethserver.org/en/latest/firewall.html#deep-packet-inspection-dpi

Please note that nDPI is limited: no reject, no any, etc in rules.

Youtube is special to block. In my experice not only the nDPI-youtube-traffic has to be blocked, also the nDPI-QIC-traffic.

A list of protocols can be found here: https://www.ntop.org/products/deep-packet-inspection/ndpi/

Good luck!


(jayay) #3


(Michael Kicks) #4

Firewall section is not the right tool.
ndpi addon could be a way (with bandwidth manager), another one could be the installation of proxy with content filter
https://docs.nethserver.org/en/v7/content_filter.html


(jayay) #5

I’ll do the things you guys told me. Thank you for the replies :slight_smile:


(André Wismer) #6

@dustmaker

Another way to go would be putting youtube.com in the DNS, pointing to your Nethserver or localhost.
The Nethserver could contain a custom error message in a virtual host (youtube.com), telling users that youtube isn’t allowed in that environment.

Best would be several methods, combined.

My 2 cents
Andy