Fernando
Resolved
0 votes
Dear Friends

I have a problem: at my company I blocked facebook.com, but the users are accessing it over the HTTPS protocol. I blocked some of Facebook's IPs, but they have a lot of IPs. Please, how do I block Facebook on the HTTPS protocol?


Many thanks
Tuesday, August 30 2011, 09:30 PM
Responses (34)
  • Accepted Answer

    Thursday, January 26 2017, 11:03 PM - #Permalink
    Resolved
    -1 votes
    The Netify Application Filter finally started working today!

    Last night, our ISP required us to change our WAN IP, Default Gateway and Subnet Mask. While I was at it, I also changed to their Primary and Secondary DNS servers.

    I rebooted the server last night, and now it works. Maybe changing the DNS servers fixed it? Or the reboot?
  • Accepted Answer

    PeterB
    Wednesday, January 11 2017, 05:04 PM - #Permalink
    Resolved
    0 votes
    Hi all,

    Thanks for the remote access. One thing that I noticed this morning is that the firewall hook for Netify isn't always configured - here's a related tracker item: https://github.com/eglooca/app-netify-fwa/issues/3 . After adding your first application or protocol, you need to stop/start the service (the button on the right side of the web page) or manually restart the firewall from the command line: service firewall restart

    Note: you don't need to do this after adding the first rule.
  • Accepted Answer

    Wednesday, January 11 2017, 12:50 AM - #Permalink
    Resolved
    -1 votes
    Peter Baldwin wrote:

    I'm stumped! I'll have to pass this on to our network guru. Would it be possible to get remote access to your system? If so, please submit your hostname and system password to https://secure.clearcenter.com/portal/system_password.jsp and we'll get it resolved.


    Hello Peter,

    I have created the support ticket with the login info. The ticket ID is 551809. Thanks!
  • Accepted Answer

    Tuesday, January 10 2017, 08:32 PM - #Permalink
    Resolved
    -1 votes
    I'm on version:

    [root@enterprise ~]# rpm -q netifyd
    netifyd-1.3-2.v7.x86_64
  • Accepted Answer

    PeterB
    Tuesday, January 10 2017, 07:38 PM - #Permalink
    Resolved
    0 votes
    David O'Donnell wrote:

    This is what I get with that command:
    netifyd-1.1-8.v7.x86_64


    I'm stumped! I'll have to pass this on to our network guru. Would it be possible to get remote access to your system? If so, please submit your hostname and system password to https://secure.clearcenter.com/portal/system_password.jsp and we'll get it resolved.
  • Accepted Answer

    Monday, January 09 2017, 10:27 PM - #Permalink
    Resolved
    0 votes
    Peter Baldwin wrote:
    I wonder if you have the bleeding edge version of Netify? If you are familiar with the command line environment, check the netifyd version with:

    rpm -q netifyd

    It should be version 1.1-8. If it's a higher version, then the Application Filter and Protocol Filter apps won't work.


    Hello Peter,

    This is what I get with that command:
    netifyd-1.1-8.v7.x86_64
  • Accepted Answer

    PeterB
    Monday, January 09 2017, 03:05 PM - #Permalink
    Resolved
    0 votes
    David O'Donnell wrote:

    Yes, I tried checking 6 others, none of the sites get blocked.


    I wonder if you have the bleeding edge version of Netify? If you are familiar with the command line environment, check the netifyd version with:

    rpm -q netifyd

    It should be version 1.1-8. If it's a higher version, then the Application Filter and Protocol Filter apps won't work.
  • Accepted Answer

    Friday, January 06 2017, 09:15 AM - #Permalink
    Resolved
    1 votes
    I have found the most effective way to do this is via DNS (dnsmasq)

    Add the lines below to /etc/dnsmasq.conf

    address=/encrypted.google.com/127.0.0.1
    address=/facebook.com/127.0.0.1
    address=/twitter.com/127.0.0.1
    address=/plus.google.com/127.0.0.1
    address=/youtube.com/127.0.0.1
    address=/instagram.com/127.0.0.1
    address=/itunes.apple.com/127.0.0.1


    One of the reasons this is better for me is that I want to only block these sites during the working day. Using cron they are unblocked at 5pm

    You also have to ensure that the COS gateway provides all DNS answers
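The schedule described in the post above, as an added Python example (not the poster's script): it renders the `address=` lines, validates each name so a list entry cannot inject extra configuration, and rewrites a drop-in file only when the working-hours state changes. The 08:00 start, the Monday-to-Friday window, the file path passed to `sync` and all function names are assumptions.

```python
import os
import re
from datetime import time

DOMAINS = ["facebook.com", "twitter.com", "youtube.com", "instagram.com"]  # from the post
_LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")

def render(domains, sinkhole="127.0.0.1"):
    """Render dnsmasq address= lines; each line also answers for every subdomain."""
    clean = sorted({d.strip().lower().rstrip(".") for d in domains if d.strip()})
    for d in clean:
        # Reject anything that could smuggle '/' or a newline into the config file.
        if not all(_LABEL.fullmatch(label) for label in d.split(".")):
            raise ValueError(f"not a plain hostname: {d!r}")
    return "".join(f"address=/{d}/{sinkhole}\n" for d in clean)

def block_active(now, start=time(8, 0), end=time(17, 0)):
    """Working day (assumed Monday-Friday, 08:00 up to but excluding 17:00)."""
    return now.weekday() < 5 and start <= now.time() < end

def sync(path, now, domains=DOMAINS):
    """Bring the drop-in file in line with the schedule.

    Returns True when the file changed and dnsmasq needs a restart.
    """
    want = render(domains) if block_active(now) else "# blocklist inactive\n"
    try:
        with open(path) as fh:
            if fh.read() == want:
                return False
    except FileNotFoundError:
        pass
    tmp = path + ".tmp"
    with open(tmp, "w") as fh:
        fh.write(want)
    os.replace(tmp, path)  # atomic swap: dnsmasq never reads a half-written file
    return True

if __name__ == "__main__":
    print(render(DOMAINS), end="")
```

A cron job can call `sync` every few minutes with the current time and restart dnsmasq only when it returns True.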
  • Accepted Answer

    Friday, January 06 2017, 08:08 AM - #Permalink
    Resolved
    0 votes
    Yeah, I was just awake and couldn't sleep anymore.

    Ah, I was under the impression that it was about Netify but this is about 2 free apps (Protocol Filter and Application filter). It's time we get some education of the OSI model. :)
  • Accepted Answer

    Friday, January 06 2017, 06:32 AM - #Permalink
    Resolved
    0 votes
    @Marcel,
    You're up early! Filters were announced here
  • Accepted Answer

    Friday, January 06 2017, 04:42 AM - #Permalink
    Resolved
    0 votes
    Is there a Netify application filter module?

    Edit: It's indeed possible to filter traffic with Netify. Only I'm not sure how. Investigating....
  • Accepted Answer

    Friday, January 06 2017, 01:29 AM - #Permalink
    Resolved
    0 votes
    Yes, I tried checking 6 others, none of the sites get blocked.
  • Accepted Answer

    PeterB
    Friday, January 06 2017, 01:21 AM - #Permalink
    Resolved
    0 votes
    David O'Donnell wrote:

    I installed the Netify Application Filter and added Facebook to the "Blocked Applications" list.

    I am still able to access Facebook. I tried stopping and starting the Application Filter but nothing changed. So I added Twitter to the list and am getting the same results. What am I doing wrong?


    Are you able to block other applications? I can see that there have been some recent discussions about Facebook and deep packet inspection, so this might be a Facebook-only issue.
  • Accepted Answer

    Thursday, January 05 2017, 10:19 PM - #Permalink
    Resolved
    0 votes
    I installed the Netify Application Filter and added Facebook to the "Blocked Applications" list.

    I am still able to access Facebook. I tried stopping and starting the Application Filter but nothing changed. So I added Twitter to the list and am getting the same results. What am I doing wrong?
  • Accepted Answer

    PeterB
    Friday, December 23 2016, 04:11 PM - #Permalink
    Resolved
    0 votes
    H.323 wrote:

    You can also load redwood into ClearOS. Hopefully they will natively support it soon.


    I don't have an ETA, but I believe it's coming. I have tried Redwood on my home system and it's great... definitely recommended!

    Just to clarify, Netify does not decrypt SSL traffic (which requires allowing forged SSL certificates on client systems). Instead, the Netify engine uses deep packet inspection techniques to deconstruct SSL certificates early in the HTTPS conversation. Privacy and security are important to Netify, so we do not poke into the content or payload of traffic. Netify identifies:

    - the web/app in use e.g. Facebook
    - the local MAC/IP address
    - the remote IP address (with Geolocation and Malware details)
    - bandwidth over time
    - protocol (HTTPS, Bittorrent, etc)
    - DNS/hostname information
    - and some other networking tidbits

    ... but no payload information! With Netify, a secure connection to your online bank is still a secure connection to your online bank.
  • Accepted Answer

    H.323
    Thursday, December 22 2016, 07:33 PM - #Permalink
    Resolved
    0 votes
    You can also load redwood into ClearOS. Hopefully they will natively support it soon. It replaces both squid and dansguardian; it is a similar alternative to dansguardian, only it's more powerful. It examines HTTPS, so you can handle all HTTPS traffic the way you were used to handling HTTP.
    It can be downloaded here: https://github.com/andybalholm/redwood
    The community version doesn't have a GUI. If you want a GUI, you need to contact Compass Foundation 855-530-8090
    Note: I am not an associate of Compass Foundation but I do buy from them.
  • Accepted Answer

    PeterB
    Thursday, December 22 2016, 04:28 AM - #Permalink
    Resolved
    0 votes
    Santosh pattanaik wrote:

    Dear ClearOS support team, please help us block the Facebook and YouTube sites.
    We are thankful to the developers.


    This is an old thread, but it has come up twice in the last week via customers. You can now use the Application Filter (beta) to block YouTube and Facebook, even if your web proxy is running in transparent mode. How? The Application Filter is able to deconstruct the HTTPS/SSL certificates in the brief moment in time when traffic between the web browser and server is not yet encrypted. More information here:

    - User Guide
    - Application Details
  • Accepted Answer

    Tuesday, December 08 2015, 10:55 AM - #Permalink
    Resolved
    1 votes
    Dear ClearOS support team, please help us block the Facebook and YouTube sites.
    We are thankful to the developers.
  • Accepted Answer

    Monday, September 21 2015, 02:51 PM - #Permalink
    Resolved
    0 votes
    There are two ways to block Facebook on ClearOS.

    You either need to use non-transparent mode proxy, or you need to filter on DNS (it's best to implement both if you can).

    You can read more about that here.
  • Accepted Answer

    bigce
    Saturday, March 14 2015, 10:40 AM - #Permalink
    Resolved
    2 votes
    Try using the incoming firewall:

    Blocked Incoming Connections-> Add

    nickname - www.facebook.com
    host - www.facebook.com
  • Accepted Answer

    mARCOS
    Wednesday, September 24 2014, 05:38 PM - #Permalink
    Resolved
    0 votes
  • Accepted Answer

    H.323
    Saturday, August 23 2014, 02:57 AM - #Permalink
    Resolved
    0 votes
    Blocking IPs is very problematic because of cloud hosting nowadays. Try doing this in your squid.conf (/etc/squid/squid.conf).
    You cannot be running transparent proxy. No firewall is needed on the ClearOS for this to work.

    # no SSL sites
    acl no_ssl_sites dstdomain .craigslist.org
    # or place all your banned SSL sites in a file, like this:
    # acl no_ssl_sites dstdomain "/etc/squid/blacklist/noSSLsites"
    acl unsafe_ports port 443
    http_access deny no_ssl_sites unsafe_ports

    The result is that [http://craigslist.org] will be filtered and [https://craigslist.org] will be blocked.
  • Accepted Answer

    Friday, July 18 2014, 06:02 AM - #Permalink
    Resolved
    0 votes
    Hello,

    I am really stuck here. Can anyone help me, please?

    Thanks
    Karniv Patel
  • Accepted Answer

    Tuesday, July 15 2014, 01:48 PM - #Permalink
    Resolved
    0 votes
    Hello to all,

    Please help me sort out this issue.

    I want to block social networking sites like Facebook, YouTube, etc.

    My setup is:
    1)
    Gateway---Web Proxy----Setting
    Transparent Mode---Disabled
    User Authentication--- Enabled

    I also added all useful sites in Content filter-----Exception Sites
    But it's not working.

    2)
    I am also changing the /etc/squid/squid.conf file

    acl special_clients src "/etc/squid/special_client_ips.txt"
    acl facebook dstdomain .facebook.com

    Under http access

    http_access allow facebook special_clients
    http_access deny facebook
    http_access allow all

    service squid restart

    But it doesn't work.

    3)
    I have also configured the Egress firewall, but it blocks all HTTPS (443) traffic, and I want to allow some HTTPS sites.
    How is that possible?

    Am I missing anything? Is there any configuration problem? Please let me know.
    Any help would be appreciated.

    Thanks in advance,

    Karniv Patel
  • Accepted Answer

    Tuesday, July 08 2014, 11:57 AM - #Permalink
    Resolved
    1 votes
    Hi all,

    I am also changing the squid.conf file, but it doesn't work.

    My setup is:

    acl special_clients src "/etc/squid/special_client_ips.txt"

    acl facebook dstdomain .facebook.com

    Under http access

    http_access allow facebook special_clients

    http_access deny facebook

    http_access allow all


    service squid restart


    Please help me sort out this issue.

    Thanks,
    Karniv Patel
  • Accepted Answer

    Thursday, July 03 2014, 01:32 PM - #Permalink
    Resolved
    0 votes
    Hi all,

    I am using ClearOS 6.5 Community.

    I want to block some social websites like Facebook, YouTube, etc. per IP address.

    How can I do that?

    Thanks
    Karniv Patel
  • Accepted Answer

    Friday, December 07 2012, 02:40 PM - #Permalink
    Resolved
    0 votes
    Use the script in the cron schedule and set it to run at an interval of minutes.

    It follows below:

    #!/bin/bash
    #
    # CLEAR THE ip_facebook FILE. EDIT: I thought it better to keep this list for longer :D
    #echo "" > ip_facebook
    # CAPTURE FACEBOOK'S IPs
    host www.facebook.com >> /tmp/host_facebook

    ## REGULAR EXPRESSION TO CAPTURE ONLY THE IPs FROM THE host_facebook FILE
    sed -n 's/\([0-9]\{1,3\}\.\)\{3\}[0-9]\{1,3\}/\nip&\n/gp' /tmp/host_facebook | grep ip | sed 's/ip//'| sort | uniq >> /tmp/ip_facebook

    ## CONDITIONAL RULE TO BLOCK THE IPs
    for ip in $(cat /tmp/ip_facebook); do
        # Add the DROP rule only if this exact IP is not already in the FORWARD chain
        if ! iptables -n -L FORWARD | grep -qwF -- "$ip"; then
            iptables -I FORWARD -s "$ip" -j DROP
        fi
    done
  • Accepted Answer

    Sunday, May 13 2012, 10:57 PM - #Permalink
    Resolved
    0 votes
    Try adding this line to /etc/hosts:

    173.194.70.102 facebook.com


    Restart Dnsmasq:

    service dnsmasq restart


    and (optionally) flush DNS Cache on clients

    On Windows OS (with admin rights):

    ipconfig /flushdns



    That IP belongs to Google. So if your users type facebook.com in the browser, they will be redirected to Google.com.
  • Accepted Answer

    Sunday, May 13 2012, 12:26 PM - #Permalink
    Resolved
    0 votes
    How have you tried?
  • Accepted Answer

    Sunday, May 13 2012, 09:09 AM - #Permalink
    Resolved
    0 votes
    Hi,

    I failed to block HTTPS sites; I've tried all possible ways.
    Can you tell me how I can redirect HTTPS requests to google.com?
  • Accepted Answer

    indtam
    Monday, November 21 2011, 07:31 AM - #Permalink
    Resolved
    0 votes
    Hi,

    I failed to block while using Content Filter. But I tried an alternate method and succeeded for the terminal server. I have just redirected facebook.com to google.com. So whenever users try to access facebook.com (whether http or https), the system automatically redirects them to google.com.

    If we disable the content filter, we cannot restrict users from accessing unwanted sites.
  • Accepted Answer

    Saturday, September 03 2011, 05:09 PM - #Permalink
    Resolved
    0 votes
    Also, not using the content filter, have a look at this thread.
  • Accepted Answer

    Wednesday, August 31 2011, 12:58 PM - #Permalink
    Resolved
    0 votes
    HTTPS sessions will bypass the proxy unless you disable Transparent Proxy to force workstations to use the proxy for HTTPS. So disable "Transparent Mode" on the Gateway/Web Proxy page.
  • Accepted Answer

    Wednesday, August 31 2011, 11:51 AM - #Permalink
    Resolved
    0 votes
    Are you using the content filter? Select "Social Networking" as one of your blocked group types (under "Blacklists"), and ensure that you have "Block IP Domains" selected.

    That should do it, no?

    B.