D-Link Forums

The Graveyard - Products No Longer Supported => D-Link NetDefend Firewalls => Topic started by: aroraditya on May 18, 2012, 05:56:44 AM

Title: website block - facebook
Post by: aroraditya on May 18, 2012, 05:56:44 AM

Hello everyone,

i need a small help. I am having a DFL-800 Firewall through which we are blocking facebook and other sites in our office domain network. it block facebook if user open it http://www.facebook.com.

but if any user open it with HTTPS://www.facebook.com firewall didnt block them ???.

please advise how can i block https sites through DFL 800.

thank you very much for advise.

Regards
Aditya

Title: Re: website block - facebook
Post by: chechito on May 18, 2012, 06:35:32 PM

you can use opendns filtering or filter https protocol allowing only known https sites

you cannot filter https traffic because of encryption obscure url text

Title: Re: website block - facebook
Post by: lingnau on December 21, 2012, 02:59:15 AM

The only way to do that with a DFL firewall is to block the HTTPS traffic to the domain ranges used by facebook:

Create a few objects for the IP adresses

FACEBOOK_A 69.171.224.0/19
FACEBOOK_B 66.220.144.0/20

and so on.

After that, create a group that contains all those objects
IP_GP_Facebook FACEBOOK_A, FACEBOOK_B

Create a block rule before all the other rules and that should prevent the access to facebook.

Here's a suggested list of IP adresses:
http://stackoverflow.com/questions/11164672/list-of-ip-space-used-by-facebook