Re: Blocking facebook.com: PF or squid?

[carlos albino garcia grijalba]

host file its good but does not stop web proxy's

> From: stefan.wol...@web.de
> To: misc@openbsd.org
> Subject: Re: Blocking facebook.com: PF or squid?
> Date: Mon, 21 Oct 2013 18:26:57 +0200
>
> Hi Sico!
> Hi list!
>
> >[stuff deleted for brevity]
> >
> >>> I am in a similar situation (squid at home) and I simply have a
> >>> blacklist with lines like these:
> >>>
> >>> doubleclick
> >>> facebook
> >>> scorecardresearch
> >>>
> >>> Works like a charm for me, and no need to look up IP address blocks
> >>> or anything like that. And since I am the only user here there's no
> >>> collateral damage. ;-)
> >>
> >> Well: I am personally liable for what leaves my network so this kind of
> >> 'collateral damage' is what I intentionally try to achieve :-) (see the
> >> reply to myself a few minutes ago)
> >
> > Uhm, squid only filters incoming traffice...
>
> Doesn't this actually answer my original question: If only incoming traffic
is filtered by squid stealth outflows towards FB is not catched by the proxy.
Obviously then only PF serves my needs for a reason.
>
> >> May I ask a follow-up question: Did you set up the blacklist within
> >> squid.conf or did you reference to a separate file?
> >
> > A bit of both really, I use a seperate file and reference it in
squid.conf:
> >
> > sico@siem2:~>grep blacklist /etc/squid/squid.conf
> > acl blacklist url_regex "/etc/squid/blacklist.acl"
> > http_access deny blacklist
> > sico@siem2:~>
>
> Thanks for this. This brings an idea to me: I will try this with the full
list of 'nasty addresses' from http://winhelp2002.mvps.org/hosts.htm.
Shouldn't this then have the same effect on all clients served by the
squid-server as if I'd go around and update the individual hosts-files?
>
> > The "url_regex" allows me to specify facebook instead of facebook.com
etc.
>
> That is good to know!
>
> > CU, Sico.
>
> Thanks again and
> have a nice week,
>
> STEFAN