On Sat, 19 Oct 2013, Stefan Wollny wrote:

> Hi there,
>
> having a personal dislike of Facebook (and the MeeToo-systems alike)
> for their impertinent sniffing for private data I tried on my laptop to
> block facebook.com via hosts-file. Interestingly this failed: Calling
> "http://www.facebook.com" always resulted in a lookup for
> "httpS://www.facebook.com" and the respective site showed up in the
> browser (tried firefox and xombrero).
>
> ...
>
> Curious if there is a particular (Open)BSD solution or simply how you
> 'guys and gals' would do it.
>
> Thank you for sharing your thoughts.
One possibility off the top of my head would be to log all DNS requests to syslog and then use syslogc to get a live running stream of DNS requests from a syslog memory buffer. Then whenever you see a DNS request for anything to do with facebook, add the IP address of the requestor to a pf table and block their web browsing. After about three to five minutes, remove the IP address from the table. If every time they try to access facebook, their web browser quits working for a few minutes, they might get the message.

Eric
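A sketch of the procedure described above, as an added example that is not part of the original message. It assumes unbound as the resolver with `log-queries: yes`; the table name `fb_timeout`, the buffer name `dnslog`, the `int_if` macro and the five-minute hold are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: temporary pf block driven by DNS query logs.
# Assumptions (not from the original message):
#   - unbound runs with "log-queries: yes" and logs to syslog
#   - /etc/syslog.conf feeds a memory buffer named "dnslog":
#         !unbound
#         *.*    :64:dnslog
#   - /etc/pf.conf contains (int_if is your LAN interface macro):
#         table <fb_timeout> persist
#         block in quick on $int_if proto tcp from <fb_timeout> to any port { 80 443 }
TABLE="fb_timeout"
BUFFER="dnslog"
HOLD=300    # seconds an address stays blocked

# Read log lines on stdin; print the client address of each query whose
# name is facebook.com or a subdomain of it.
extract_clients() {
    awk '{
        for (i = 1; i < NF - 1; i++) {
            if ($i != "info:") continue
            ip = $(i + 1); name = tolower($(i + 2))
            # Only pass well-formed addresses on to pfctl.
            if (ip !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ && ip !~ /^[0-9a-f:]+$/) break
            if (name ~ /(^|\.)facebook\.com\.$/) { print ip; fflush() }
            break
        }
    }'
}

main() {
    # Expire entries once a minute so a block lasts about HOLD seconds.
    while sleep 60; do pfctl -q -t "$TABLE" -T expire "$HOLD"; done &
    expirer=$!
    trap 'kill "$expirer" 2>/dev/null' EXIT INT TERM
    syslogc -f "$BUFFER" | extract_clients | while read -r ip; do
        pfctl -q -t "$TABLE" -T add "$ip"
    done
}

if [ "${1:-}" = "run" ]; then main; fi
```

Start it as root with the argument `run`. Re-adding an address that is already in the table does not extend its hold, so each block lasts roughly `HOLD` seconds from the first matching query.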