I think the best is to combine DNS and firewall rule. Using something like OpenDNS for all the DNS inquiry on your network and then setup firewall rule so that only DNS inquiry are allowed to OpenDNS. Then, going to OpenDNS to set your own blocking/allowing rule(s).
-Raylund -----Original Message----- From: Luke Jaeger [mailto:ad...@pvpa.org] Sent: Wednesday, March 23, 2011 12:07 PM To: support@pfsense.com Subject: Re: [pfSense Support] can't block https://facebook.com via firefox okay, I took a long hard look at all my rules and tightened them up - I think it's working now. Will repost if the students figure out another way around it. Thanks everyone! Luke Jaeger | Technology Coordinator Pioneer Valley Performing Arts Charter Public School www.pvpa.org On Mar 23, 2011, at 11:20 AM, Ryan Rodrigue wrote: > I personally would set anything on the local network on Https, and > Http to block thus forcing them to use your squid proxy. (Allow squid > proxy of > course) --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org