On Fri, Dec 11, 2015 at 08:03:14PM -0700, the...@sys-concept.com wrote
> Does anybody have an idea how to block facebook?
>
> I'm using dd-wrt. The "access restriction" can block http but not https
> and I'm not good in iptables :-/
> In addition users are using VirtualBox on the network as well.

An excerpt from my /var/lib/iptables/rules-save ruleset...

[0:0] -A INPUT -s 31.13.24.0/21 -j FECESBOOK
[154:11168] -A INPUT -s 31.13.64.0/18 -j FECESBOOK
[0:0] -A INPUT -s 66.220.144.0/20 -j FECESBOOK
[0:0] -A INPUT -s 69.63.176.0/20 -j FECESBOOK
[0:0] -A INPUT -s 69.171.224.0/19 -j FECESBOOK
[0:0] -A INPUT -s 74.119.76.0/22 -j FECESBOOK
[0:0] -A INPUT -s 103.4.96.0/22 -j FECESBOOK
[0:0] -A INPUT -s 173.252.64.0/18 -j FECESBOOK
[0:0] -A INPUT -s 204.15.20.0/22 -j FECESBOOK
[0:0] -A OUTPUT -d 31.13.24.0/21 -j FECESBOOK
[3763325:225839770] -A OUTPUT -d 31.13.64.0/18 -j FECESBOOK
[56:3360] -A OUTPUT -d 66.220.144.0/20 -j FECESBOOK
[0:0] -A OUTPUT -d 69.63.176.0/20 -j FECESBOOK
[874:52440] -A OUTPUT -d 69.171.224.0/19 -j FECESBOOK
[0:0] -A OUTPUT -d 74.119.76.0/22 -j FECESBOOK
[0:0] -A OUTPUT -d 103.4.96.0/22 -j FECESBOOK
[3306:198360] -A OUTPUT -d 173.252.64.0/18 -j FECESBOOK
[0:0] -A OUTPUT -d 204.15.20.0/22 -j FECESBOOK
[3767715:226105098] -A FECESBOOK -j LOG --log-prefix "FECESBOOK:" --log-level 6
[3767715:226105098] -A FECESBOOK -j DROP

It's OK to change the numbers in brackets to [0:0]. They represent the
number of [packets:bytes] since the rule was last updated. Which block
has the most traffic depends on which part of the planet you're on. Here
in Toronto, Canada outbound traffic to the 31.13.64.0/18 block,
specifically 31.13.80.3, is the most common hit. This comes from websites
with Facebook beacons trying to track every man and his dog. You'll
notice the occasional website with a small rectangle that says "...can't
establish a connection to the server at...". Insert your browser's name
at the left, and the website name (Facebook, ad.doubleclick.net, etc) at
the right.

-- 
Walter Dnes <waltd...@waltdnes.org>
I don't run "desktop environments"; I run useful applications
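
Added example, not part of the original message: Python that parses the [packets:bytes] counters from a subset of the excerpt above, finds the busiest block, and writes the rules back with every counter reset to [0:0]. The function names, the `*filter`/`COMMIT` wrapper and the `forward` option are assumptions of this example; the output is intended for `iptables-restore --noflush`, so that other filter rules are left in place.

```python
import re

# Subset of the rules-save excerpt quoted in the message above.
SAVED = """\
[154:11168] -A INPUT -s 31.13.64.0/18 -j FECESBOOK
[0:0] -A OUTPUT -d 31.13.24.0/21 -j FECESBOOK
[3763325:225839770] -A OUTPUT -d 31.13.64.0/18 -j FECESBOOK
[56:3360] -A OUTPUT -d 66.220.144.0/20 -j FECESBOOK
[874:52440] -A OUTPUT -d 69.171.224.0/19 -j FECESBOOK
[3306:198360] -A OUTPUT -d 173.252.64.0/18 -j FECESBOOK
[3767715:226105098] -A FECESBOOK -j LOG --log-prefix "FECESBOOK:" --log-level 6
[3767715:226105098] -A FECESBOOK -j DROP
"""

# iptables-save rule line: "[packets:bytes] -A CHAIN rest-of-rule"
RULE = re.compile(r"^\[(\d+):(\d+)\] -A (\S+) (.+)$")

def parse(text):
    """Return a list of (packets, bytes, chain, rest) tuples, one per rule."""
    rules = []
    for line in text.splitlines():
        m = RULE.match(line.strip())
        if m:
            rules.append((int(m[1]), int(m[2]), m[3], m[4]))
    return rules

def busiest(rules, chain):
    """Rule in `chain` with the highest packet counter."""
    return max((r for r in rules if r[2] == chain), key=lambda r: r[0])

def to_restore(rules, user_chain="FECESBOOK", forward=False):
    """Build iptables-restore input with every counter reset to [0:0].

    forward=True moves the INPUT/OUTPUT matches to FORWARD, the chain that
    traffic routed through a gateway traverses (assumption: the box is a
    router, as in the original question, rather than the end host).
    """
    lines = ["*filter", f":{user_chain} - [0:0]"]
    for _pkts, _bytes, chain, rest in rules:
        if forward and chain in ("INPUT", "OUTPUT"):
            chain = "FORWARD"
        lines.append(f"[0:0] -A {chain} {rest}")
    lines.append("COMMIT")
    return "\n".join(lines) + "\n"

if __name__ == "__main__":
    rules = parse(SAVED)
    print("busiest OUTPUT rule:", busiest(rules, "OUTPUT"))
    print(to_restore(rules, forward=True), end="")
```

The per-block counters on the INPUT and OUTPUT rules add up to the counter on the FECESBOOK chain's own LOG and DROP rules, since every matching packet jumps there.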