Re: [pfSense Support] block facebook twitter and youtube pfsense

[Kurt Buff]

On Fri, Jun 4, 2010 at 12:54, Yehuda Katz  wrote:
> On Fri, Jun 4, 2010 at 3:30 PM, Tim Nelson  wrote:
>>
>> However, the more savvy users will just find some proxy out there to use.
>> 'Proxy' has become a new buzzword for the social networking crowd as of late
>> it seems...
>
> It doesn't even require a very savvy user. There are free email lists which
> notify you by email of new proxy sites (peacefire.org).
> Besides that, don't forget that many sites can be accessed just by their IP
> addresses.

And that's why I'm also thinking of blocking by MIME type - flv
content in particular.

Kurt

-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

Re: [pfSense Support] First doubt

[Kai Lan]

I am currently using a free filter called panabit, freebsd based; and pfsense 
does nat, firewall.


On 4 Jun 2010, at 20:42, Tiago  wrote:

> Hello
> 
> This is my first post
> 
> I started with pfsense 2 weeks ago and until now I'm getting happy with 
> then
> 
> 
> Well, nowadays I need to block (or limit) MSN, Google Talk, Yahoo Messenger 
> etc... in my company
> 
> I downloaded IMSpector package but I can't view the logs messages. I put this 
> settings
> 
> 
> Interfaces -  LAN
> Listen on protocols, all selected (MSN, ICQ etc...)
> Enable file logging - enabled
> I didn't configure MySQL - Is it necessary Mandatory??
> In ACL whitelist I put localuser (to allow full access) Am I right??
> 
> What's the next steps?
> 
> Or
> 
> Is it possible to block this kind of programs?? Because I've read some posts 
> in this forum and people are having a lot of problem to block this
> 
> What is your opinion??
> 
> This is my last tentative before dismiss the employed
> 
> Tiago Picon 
> DESENVOLVIMENTO
> 
> Scenario - Automação Residencial 
> (16) 3368-3399 - São Carlos 
> tpi...@scenario.ind.br
> www.scenario.ind.br
> 
> 
> -
> To unsubscribe, e-mail: support-unsubscr...@pfsense.com
> For additional commands, e-mail: support-h...@pfsense.com
> 
> Commercial support available - https://portal.pfsense.org
> 

-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

Re: [pfSense Support] block facebook twitter and youtube pfsense

[Yehuda Katz]

On Fri, Jun 4, 2010 at 3:30 PM, Tim Nelson  wrote:

> However, the more savvy users will just find some proxy out there to use.
> 'Proxy' has become a new buzzword for the social networking crowd as of late
> it seems...
>
> It doesn't even require a very savvy user. There are free email lists which
notify you by email of new proxy sites (peacefire.org).
Besides that, don't forget that many sites can be accessed just by their IP
addresses.

[pfSense Support] First doubt

[Tiago]

Hello

This is my first post

I started with pfsense 2 weeks ago and until now I'm getting happy with then


Well, nowadays I need to block (or limit) MSN, Google Talk, Yahoo Messenger 
etc... in my company

I downloaded IMSpector package but I can't view the logs messages. I put this 
settings


Interfaces -  LAN
Listen on protocols, all selected (MSN, ICQ etc...)
Enable file logging - enabled
I didn't configure MySQL - Is it necessary Mandatory??
In ACL whitelist I put localuser (to allow full access) Am I right??

What's the next steps?

Or

Is it possible to block this kind of programs?? Because I've read some posts in 
this forum and people are having a lot of problem to block this

What is your opinion??

This is my last tentative before dismiss the employed

Tiago Picon 
DESENVOLVIMENTO

Scenario - Automação Residencial 
(16) 3368-3399 - São Carlos 
tpi...@scenario.ind.br
www.scenario.ind.br


-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

RE: [pfSense Support] PFsense 2.0 SMTP notifications.

[Ryan]

> 
> Anything that would show up in the top bar as an alert. 
> Gateway failures aren't counted among those, however. Things 
> like CARP changeovers would do that, and some other major things.
> 
> I have some ideas for beefing that area up. I'm interesting 
> in having an HDD space notification, and I know there are 
> probably other general triggers that people would like to see 
> (high load average, high swap usage, etc)
> 
> Jim
> 
Thanks for the quick reply.  With our failover setup like it is, one of our 
internet goes down sometimes and I don't ever realise (great router).  I would 
just like an email of these events so I could check an see whats going on.  Or 
at least know it went down.  I agree that other alerts would be great as well.  
System rebooted, state table maxing out, CPU maxing out just to think of a few. 
 I love that smtp is here now.  It gives alot of potential.


-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

Re: [pfSense Support] block facebook twitter and youtube pfsense

[Tim Nelson]

- "Ryan"  wrote:
> > 
> > If you have a DNS server for internal use in your org, 
> > consider putting zones on it that are authoritative for the 
> > sites you wish to block, then putting in a wildcard entry 
> > that points to 127.0.0.1
> > 
> > I do that for all of the sites you mention, plus a few others.
> > 
> 
> I do this for a few sites myself using the dns server in PFsense.  I
> forward to an internal webserver that has a page that says Get to work
> and says some lie about All internet traffic is monitored and repeated
> attempts to access this site will be sent to your supervsior.   It's
> not perfect, but it works well for our user.
> 

Agreed. I use this method at several locations as well. The DNS server that is 
authoritative for those domains is on a different subnet/interface as well so I 
can use a NAT rule to ensure *ALL* DNS traffic is forced to go through that DNS 
server. It really is pretty slick. However, the more savvy users will just find 
some proxy out there to use. 'Proxy' has become a new buzzword for the social 
networking crowd as of late it seems...

--Tim

-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

Re: [pfSense Support] PFsense 2.0 SMTP notifications.

[Jim Pingle]

On 6/4/2010 3:19 PM, Ryan wrote:
> Sorry if this gets sent twice, I forgot to put a subject 
> I finally got a chance t play with the new version 2.0 beta.  I must say, I 
> like what I see so far.  Thanks
> 
> I see there is a place under Advanced > Notifications for an smtp server for 
> noticfications.  What is considered an Alert that would be sent by these 
> notifications?  Is there a place to adjust this.  I mainly and looking for a 
> notice that a gateway id down.  Thanks for the help.

Anything that would show up in the top bar as an alert. Gateway failures
aren't counted among those, however. Things like CARP changeovers would
do that, and some other major things.

I have some ideas for beefing that area up. I'm interesting in having an
HDD space notification, and I know there are probably other general
triggers that people would like to see (high load average, high swap
usage, etc)

Jim

-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

RE: [pfSense Support] block facebook twitter and youtube pfsense

[Ryan]

> 
> If you have a DNS server for internal use in your org, 
> consider putting zones on it that are authoritative for the 
> sites you wish to block, then putting in a wildcard entry 
> that points to 127.0.0.1
> 
> I do that for all of the sites you mention, plus a few others.
> 

I do this for a few sites myself using the dns server in PFsense.  I forward to 
an internal webserver that has a page that says Get to work and says some lie 
about All internet traffic is monitored and repeated attempts to access this 
site will be sent to your supervsior.   It's not perfect, but it works well for 
our user.


-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

Re: [pfSense Support] block facebook twitter and youtube pfsense

[Kurt Buff]

On Thu, Jun 3, 2010 at 21:18, justino garcia  wrote:
> How does one go by blocking facebook twitter and youtube also how does
> one autoblock malicous sites
> Thanks
> Justin
>
> --
> Justin
> IT-TECH

If you have a DNS server for internal use in your org, consider
putting zones on it that are authoritative for the sites you wish to
block, then putting in a wildcard entry that points to 127.0.0.1

I do that for all of the sites you mention, plus a few others.

For the actually malicious stuff, the recommendations for
squid/squidguard are spot on.

Kurt

-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

[pfSense Support] PFsense 2.0 SMTP notifications.

[Ryan]

Sorry if this gets sent twice, I forgot to put a subject 
I finally got a chance t play with the new version 2.0 beta.  I must say, I 
like what I see so far.  Thanks

I see there is a place under Advanced > Notifications for an smtp server for 
noticfications.  What is considered an Alert that would be sent by these 
notifications?  Is there a place to adjust this.  I mainly and looking for a 
notice that a gateway id down.  Thanks for the help.

Ryan
 

__ Information from ESET NOD32 Antivirus, version of virus signature 
database 5173 (20100604) __

The message was checked by ESET NOD32 Antivirus.

http://www.eset.com
 
 

__ Information from ESET NOD32 Antivirus, version of virus signature 
database 5173 (20100604) __

The message was checked by ESET NOD32 Antivirus.

http://www.eset.com
 


-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

Re: [pfSense Support] block facebook twitter and youtube pfsense

[Tim Dressel]

We used openDNS at all our schools but we just finished putting all
our schools behind a single firewall so that didn't fly. We had to go
to a commercial filter product unfortunately. We did consider throwing
up DNS servers all over the place but it would have become ugly to
manage.



On Fri, Jun 4, 2010 at 11:28 AM, Jaye Mathisen  wrote:
> openDNS can help with this as well.
>
> 2010/6/4 Kai Lan 
>>
>> I think the easiest way is over ride the dns. Or make the ips routed to a
>> wrong destination by adding a static route rule.
>>
>> Regards,
>> Kai
>> On 4 Jun 2010, at 15:41, "Luis G. Coralle"  wrote:
>>
>>
>>
>> 2010/6/4 Luke Jaeger 
>>>
>>> We use squidguard in combination with shallalist (www.shallalist.de) to
>>> block sites by category (malware, porn, gambling, etc).
>>> You can also add individual domains to your blacklist by hand.
>>> Works great.
>>>
>>>
>>> Luke Jaeger | Technology Coordinator
>>> Pioneer Valley Performing Arts Charter Public School
>>> www.pvpa.org
>>>
>>> On Jun 4, 2010, at 12:18 AM, justino garcia wrote:
>>>
 How does one go by blocking facebook twitter and youtube also how does
 one autoblock malicous sites
 Thanks
 Justin

 --
 Justin
 IT-TECH

 -
 To unsubscribe, e-mail: support-unsubscr...@pfsense.com
 For additional commands, e-mail: support-h...@pfsense.com

 Commercial support available - https://portal.pfsense.org

>>>
>>>
>>> -
>>> To unsubscribe, e-mail: support-unsubscr...@pfsense.com
>>> For additional commands, e-mail: support-h...@pfsense.com
>>>
>>> Commercial support available - https://portal.pfsense.org
>>>
>>
>>
>> Hi, squid no caching https pages. Facebook have https too (
>> https://www.facebook.com/ )
>> To block this you have to add rule like:
>>
>> Destination:
>> Type: Network
>> Address: 66.220.144.0/20
>>
>>
>> See:
>> - http://wiki.developers.facebook.com/index.php/Facebook_IP_Addresses
>> - whois 69.63.189.16
>>
>>
>>
>> --
>> Luis G. Coralle
>> Departamento de Informática
>> Facultad de Ciencias Médicas
>> Universidad Nacional del Comahue
>> Av. Luis Toschi y Los Arrayanes
>> Cipolletti - Río Negro
>> Tel. 0299 - 4782603 INT. 24 / Fax 0299 - 4776140
>> http://medicina.uncoma.edu.ar/
>
>

-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

Re: [pfSense Support] block facebook twitter and youtube pfsense

[Jaye Mathisen]

openDNS can help with this as well.

2010/6/4 Kai Lan 

> I think the easiest way is over ride the dns. Or make the ips routed to a
> wrong destination by adding a static route rule.
>
> Regards,
>
> Kai
>
> On 4 Jun 2010, at 15:41, "Luis G. Coralle"  wrote:
>
>
>
> 2010/6/4 Luke Jaeger < ad...@pvpa.org>
>
>> We use squidguard in combination with shallalist (
>> www.shallalist.de) to block sites by category (malware, porn, gambling,
>> etc).
>> You can also add individual domains to your blacklist by hand.
>> Works great.
>>
>>
>> Luke Jaeger | Technology Coordinator
>> Pioneer Valley Performing Arts Charter Public School
>>  www.pvpa.org
>>
>>
>> On Jun 4, 2010, at 12:18 AM, justino garcia wrote:
>>
>>  How does one go by blocking facebook twitter and youtube also how does
>>> one autoblock malicous sites
>>> Thanks
>>> Justin
>>>
>>> --
>>> Justin
>>> IT-TECH
>>>
>>> -
>>> To unsubscribe, e-mail: 
>>> support-unsubscr...@pfsense.com
>>> For additional commands, e-mail: 
>>> support-h...@pfsense.com
>>>
>>> Commercial support available - 
>>> https://portal.pfsense.org
>>>
>>>
>>
>> -
>> To unsubscribe, e-mail: 
>> support-unsubscr...@pfsense.com
>> For additional commands, e-mail: 
>> support-h...@pfsense.com
>>
>> Commercial support available - 
>> https://portal.pfsense.org
>>
>>
>
> Hi, squid no caching https pages. Facebook have https too (
> https://www.facebook.com/ )
> To block this you have to add rule like:
>
> Destination:
> Type: Network
> Address: 66.220.144.0/20
>
>
> See:
> - 
> http://wiki.developers.facebook.com/index.php/Facebook_IP_Addresses
> - whois 69.63.189.16
>
>
>
> --
> Luis G. Coralle
> Departamento de Informática
> Facultad de Ciencias Médicas
> Universidad Nacional del Comahue
> Av. Luis Toschi y Los Arrayanes
> Cipolletti - Río Negro
> Tel. 0299 - 4782603 INT. 24 / Fax 0299 - 4776140
> http://medicina.uncoma.edu.ar/
>
>

Re: [pfSense Support] block facebook twitter and youtube pfsense

[Kai Lan]

I think the easiest way is over ride the dns. Or make the ips routed  
to a wrong destination by adding a static route rule.


Regards,

Kai

On 4 Jun 2010, at 15:41, "Luis G. Coralle"   
wrote:





2010/6/4 Luke Jaeger 
We use squidguard in combination with shallalist (www.shallalist.de)  
to block sites by category (malware, porn, gambling, etc).

You can also add individual domains to your blacklist by hand.
Works great.


Luke Jaeger | Technology Coordinator
Pioneer Valley Performing Arts Charter Public School
www.pvpa.org


On Jun 4, 2010, at 12:18 AM, justino garcia wrote:

How does one go by blocking facebook twitter and youtube also how does
one autoblock malicous sites
Thanks
Justin

--
Justin
IT-TECH

-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org



-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org



Hi, squid no caching https pages. Facebook have https too ( https://www.facebook.com/ 
 )

To block this you have to add rule like:

Destination:
Type: Network
Address: 66.220.144.0/20


See:
- http://wiki.developers.facebook.com/index.php/Facebook_IP_Addresses
- whois 69.63.189.16



--
Luis G. Coralle
Departamento de Informática
Facultad de Ciencias Médicas
Universidad Nacional del Comahue
Av. Luis Toschi y Los Arrayanes
Cipolletti - Río Negro
Tel. 0299 - 4782603 INT. 24 / Fax 0299 - 4776140
http://medicina.uncoma.edu.ar/

Re: [pfSense Support] block facebook twitter and youtube pfsense

[Luis G. Coralle]

2010/6/4 Luke Jaeger 

> We use squidguard in combination with shallalist (www.shallalist.de) to
> block sites by category (malware, porn, gambling, etc).
> You can also add individual domains to your blacklist by hand.
> Works great.
>
>
> Luke Jaeger | Technology Coordinator
> Pioneer Valley Performing Arts Charter Public School
> www.pvpa.org
>
>
> On Jun 4, 2010, at 12:18 AM, justino garcia wrote:
>
>  How does one go by blocking facebook twitter and youtube also how does
>> one autoblock malicous sites
>> Thanks
>> Justin
>>
>> --
>> Justin
>> IT-TECH
>>
>> -
>> To unsubscribe, e-mail: support-unsubscr...@pfsense.com
>> For additional commands, e-mail: support-h...@pfsense.com
>>
>> Commercial support available - https://portal.pfsense.org
>>
>>
>
> -
> To unsubscribe, e-mail: support-unsubscr...@pfsense.com
> For additional commands, e-mail: support-h...@pfsense.com
>
> Commercial support available - https://portal.pfsense.org
>
>

Hi, squid no caching https pages. Facebook have https too (
https://www.facebook.com/ )
To block this you have to add rule like:

Destination:
Type: Network
Address: 66.220.144.0/20


See:
- http://wiki.developers.facebook.com/index.php/Facebook_IP_Addresses
- whois 69.63.189.16



-- 
Luis G. Coralle
Departamento de Informática
Facultad de Ciencias Médicas
Universidad Nacional del Comahue
Av. Luis Toschi y Los Arrayanes
Cipolletti - Río Negro
Tel. 0299 - 4782603 INT. 24 / Fax 0299 - 4776140
http://medicina.uncoma.edu.ar/

Re: [pfSense Support] block facebook twitter and youtube pfsense

[Luke Jaeger]

We use squidguard in combination with shallalist (www.shallalist.de)  
to block sites by category (malware, porn, gambling, etc).

You can also add individual domains to your blacklist by hand.
Works great.


Luke Jaeger | Technology Coordinator
Pioneer Valley Performing Arts Charter Public School
www.pvpa.org

On Jun 4, 2010, at 12:18 AM, justino garcia wrote:


How does one go by blocking facebook twitter and youtube also how does
one autoblock malicous sites
Thanks
Justin

--
Justin
IT-TECH

-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org




-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

Re: [pfSense Support] block facebook twitter and youtube pfsense

[Michel Servaes]

> How does one go by blocking facebook twitter and youtube also how does
> one autoblock malicous sites
> Thanks
> Justin
>

By the way : I didn't solve this by using squidguard (I've used to use
this solution), but now we have an antivirus capable of blocking
categories (webmail, social networksites, ...)
This can be managed by computername, which is quite good to block only
several computers of abusing the net...

-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org

Re: [pfSense Support] block facebook twitter and youtube pfsense

[justino garcia]

Thanks

On Fri, Jun 4, 2010 at 7:58 AM, Michel Servaes  wrote:

> > How does one go by blocking facebook twitter and youtube also how does
> > one autoblock malicous sites
> > Thanks
> > Justin
>
> Install the proxy package, and use squidguard to block keywords...
> Though I must say, the package only works best on a true pc/server
> with a harddisk - not recommended on an Alix board.
>
> An option to use an USB drive as temporary storage for caching sites,
> would be a nice option...
>
> -
> To unsubscribe, e-mail: support-unsubscr...@pfsense.com
> For additional commands, e-mail: support-h...@pfsense.com
>
> Commercial support available - https://portal.pfsense.org
>
>


-- 
Justin
IT-TECH

Re: [pfSense Support] block facebook twitter and youtube pfsense

[Michel Servaes]

> How does one go by blocking facebook twitter and youtube also how does
> one autoblock malicous sites
> Thanks
> Justin

Install the proxy package, and use squidguard to block keywords...
Though I must say, the package only works best on a true pc/server
with a harddisk - not recommended on an Alix board.

An option to use an USB drive as temporary storage for caching sites,
would be a nice option...

-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org