[ previous ] [ next ] [ threads ]
 
 From:  Mike Nichols <mike at myownsoho dot net>
 To:  rbasuki at gdincorporation dot com
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] How to block a certain website with m0n0wall?
 Date:  Fri, 09 Oct 2009 01:06:16 -0400
I think resolving this issue really is best suited using something other 
than m0n0wall. I have not used untangle myself, but a web filtering 
mechanism is really what is needed.  the guys at OpenDNS.org are really 
nice and have useful products for this type of thing.  many of my 
clients (being end users and parents alike) are given fine grained 
control over what is and what isn't available. Incorporating its use 
with m0n0wall directly is the best use of the services and would be 
scalable to any number of machines using m0n0 as the gateway.



GD Incorporation wrote:
> Dear Lee
>
> I did like what you wrote below. I went to whois.com and find info on
> facebook.com domain and found that they used 4 dns servers. I was thinking
> to block the DNS servers thinking that all access that goes through that
> server will be rejected. But you are right if the DNS Servers are hosted to
> important business oriented servers such as GoDaddy, then it will be
> trouble. 
>
> I hope m0n0wall have a feature to block a certain domain all at once.
>
> Now the next question, since the m0n0wall does not seem to be able to block
> one whole domain, if I put a real web portal such as dansguardian to filter
> what websites can be accessed, shoud I put it between ADSL modem and
> Firewall or should I put it behind firewall?
>
> Or do you still have more tricks in your sleeves to solve my problem?
>
> Thanks
> Rendra
>
> -----Original Message-----
> From: Lee Sharp [mailto:leesharp at hal dash pc dot org] 
> Sent: Friday, October 09, 2009 3:39 AM
> To: m0n0wall at lists dot m0n0 dot ch
> Subject: Re: [m0n0wall] How to block a certain website with m0n0wall?
>
> Rendra Basuki wrote:
>   
>> Actually I am trying to block sites such as twitter, facebook, hi5, 
>> and friendster since my boss said it caused lower productivity.
>>
>> Any suggestion. I tried to put firewall rules to block the IP address 
>> of www.facebook.oom and facebook.com. The funny thing is that 
>> www.facebook.com and facebook.com shows 2 different addresses when I ping
>>     
> it.
>
> I am taking this back to the list, as it is handy for lost of people.
>
> Large sites like those are NOT one computer.  Facebook actually has
> 69.63.176.0/20 for possible servers, and they may move.  To filter stuff
> like that, you need a real web filter.  I have used Untangle in a few
> clients and it works well.  However, using it with m0n0wall can be a
> challenge depending on the functions you need.  For example, Captive Portal
> will not work "through" Untangle is it is a b-router and rewrites the MAC
> address.
>
> Or, you can ping each server, the do a 'whois' on the address block, and
> block the whole thing, and hope it is not hosted somewhere (like
> GoDaddy) with websites you need for business reasons.
>
> 			Lee
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>