• June 15, 2024, 04:46:33 PM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: HTTP ALG ISSUE FOR FACEBOOK PAGE  (Read 3962 times)

hassankazmi

  • Level 1 Member
  • *
  • Posts: 7
HTTP ALG ISSUE FOR FACEBOOK PAGE
« on: March 20, 2011, 11:06:02 PM »
Dear All,

I just want to discuss a serious issue which i am facing in this box. Actually, I applied http ALG settings in it and it worked fine for so many pages but when i try to open https page of face book it opens up right away. http://www.facebook.com is blocked but https page is working. I even applied ALG for https site separately but when i do that it blocks whole internet and even do not let me open some of my own secure sites. If anybody can help me in this issue then please proceed.

If you need to know anything about my DFL-800 firewall, do not hesitate to let me know.

Regards,
Hassan Kazmi

Logged

silver_surfer30

  • Level 3 Member
  • ***
  • Posts: 107
Re: HTTP ALG ISSUE FOR FACEBOOK PAGE
« Reply #1 on: March 23, 2011, 05:31:43 AM »
This is quite normal.
The alg feature only work for hhtp filtering not https.

Logged

chechito

  • Level 3 Member
  • ***
  • Posts: 193
Re: HTTP ALG ISSUE FOR FACEBOOK PAGE
« Reply #2 on: March 23, 2011, 07:33:36 AM »
Https traffic is encrypted and cannot be filtered without decrypting it, some vendors are implementing https filtering.

We have to investigate how to do this using TLS alg, maybe be possible
Logged

hassankazmi

  • Level 1 Member
  • *
  • Posts: 7
Re: HTTP ALG ISSUE FOR FACEBOOK PAGE
« Reply #3 on: March 24, 2011, 12:42:50 AM »
Thank you for your reply. Please do let me know some method to block https page of facebook.

Your help would be highly appreciated.
Logged

hassankazmi

  • Level 1 Member
  • *
  • Posts: 7
Re: HTTP ALG ISSUE FOR FACEBOOK PAGE
« Reply #4 on: March 25, 2011, 05:43:27 AM »
is there any keyword blocking in DFL-800 like Linksys RV042 router does? Can you please help me out in this? I just want to block face book page on my network.
Logged

hassankazmi

  • Level 1 Member
  • *
  • Posts: 7
Re: HTTP ALG ISSUE FOR FACEBOOK PAGE
« Reply #5 on: March 25, 2011, 06:07:58 AM »
I need help regarding IDP rules in DFL-800. Please do let me know the way to use it. Can i block face book https page through IDP rules?
Logged

lingnau

  • Level 2 Member
  • **
  • Posts: 53
    • www.lingnau.com.br
Re: HTTP ALG ISSUE FOR FACEBOOK PAGE
« Reply #6 on: April 05, 2011, 07:41:21 AM »
There are a few workarounds.

If you have control over the DNS server the clients are using (If it is a local DNS) you could just create the facebook domain locally and redirect the www and @ hosts to something that does not exist. It would prevent access to facebook trough the URL.

The second workaround, is use ping and other means to find out the adress or adress-range from Facebooks servers, then create an object on the DFL that represents that adress and simply blocking it with a deny rule.

Voilá.

(I would simply love the DFL series if they supported dns blacklisting of hosts, like dns:www.facebook.com, that would make things so easy... )
Logged

chechito

  • Level 3 Member
  • ***
  • Posts: 193
Re: HTTP ALG ISSUE FOR FACEBOOK PAGE
« Reply #7 on: April 05, 2011, 11:50:29 AM »
use opendns to filter face book and related domains
Logged